General
Target: 2024-11-18_660b6aa00f8bdb8ee21d1786ae14f454_floxif_icedid
Size: 2.1MB
Sample: 241118-w43dtaxmar
MD5: 660b6aa00f8bdb8ee21d1786ae14f454
SHA1: 61a60ec652de397e3382f9b05cebb7f5f4feab66
SHA256: 892b6721014f53044cfb83373cb2c2405f897faff95893710405e0260e2b9890
SHA512: 94c84c6426a8cc2220809d4e4c071930e93f67e7e8be37463d2526e8fc957d61149d637449f2078f94c58fe33786d626d994aa9ef85d902e993c36f7b602dbd1
SSDEEP: 49152:I4qMMGqeFE9xVJHBcNNKlaBz2VhAa5cR1yiYGOzuh0o3O:ITMMGqeFMVDcNNYaBz2H5+1NYGOzuh0d
Static task: static1
Behavioral task: behavioral1
Sample: 2024-11-18_660b6aa00f8bdb8ee21d1786ae14f454_floxif_icedid.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 2024-11-18_660b6aa00f8bdb8ee21d1786ae14f454_floxif_icedid.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Floxif family

Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL