General
-
Target
2024-11-18_03f03e17e9dbc11af12ee2042a30deec_floxif_icedid
-
Size
974KB
-
Sample
241118-xeg71stapn
-
MD5
03f03e17e9dbc11af12ee2042a30deec
-
SHA1
8230ab68764439edf80a21f801d480a0cae1e1b7
-
SHA256
3907ecf1a32153865825ce20577a0f5ef356293a75ef4df1eeb166d432041acc
-
SHA512
7820347df03ef999da2de42ff289b53b9515c2a67837b40db23f6c24675f92a1d8f4319c8a092b8f7eb97560b8b7f8210e8bb331ce04c0705738847c2ada66b2
-
SSDEEP
24576:C2LGd5tH1YpWw0XxJRatjp8CJm11rEH7I:CNVYpWwQ7sXAz
Malware Config
Targets
-
-
Target
2024-11-18_03f03e17e9dbc11af12ee2042a30deec_floxif_icedid
-
Size
974KB
-
MD5
03f03e17e9dbc11af12ee2042a30deec
-
SHA1
8230ab68764439edf80a21f801d480a0cae1e1b7
-
SHA256
3907ecf1a32153865825ce20577a0f5ef356293a75ef4df1eeb166d432041acc
-
SHA512
7820347df03ef999da2de42ff289b53b9515c2a67837b40db23f6c24675f92a1d8f4319c8a092b8f7eb97560b8b7f8210e8bb331ce04c0705738847c2ada66b2
-
SSDEEP
24576:C2LGd5tH1YpWw0XxJRatjp8CJm11rEH7I:CNVYpWwQ7sXAz
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-