General
Target: 2024-11-21_d17c101fe5fb36659af9769ccf337c39_floxif_mafia
Size: 302KB
Sample: 241121-ln2gga1gmp
MD5: d17c101fe5fb36659af9769ccf337c39
SHA1: c2e1021587bb9ff29285e4531e2719c193d1e3c4
SHA256: e0e281ad37bd07b9008f55c2b30914b7f1a50661c0e4c1f1c2c307a9ae96ee01
SHA512: 5a61c6f88eb688a3364adbd7e144c3a6c1190c3b8ccdea6a3f71db4f2e08069467e90f08af71ce3a724131815cd0987769e0a90ca4fc6e985c9472b6523b7fd0
SSDEEP: 6144:ujxULxLYjDE2Tkobe70NM9Ftfc1wBV+UdvrEFp7hKP0:ujxU1LCYSe70NMhfc1wBjvrEH7f
Static task: static1
Behavioral task: behavioral1
Sample: 2024-11-21_d17c101fe5fb36659af9769ccf337c39_floxif_mafia.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-11-21_d17c101fe5fb36659af9769ccf337c39_floxif_mafia.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Floxif family

Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL