General
-
Target
2024-12-09_1aea671cacb10a201ceb31346b69592e_floxif_mafia
-
Size
403KB
-
Sample
241209-r51t6a1lhy
-
MD5
1aea671cacb10a201ceb31346b69592e
-
SHA1
34eee73e6094ae2188a4c6ed055df03dc5313a41
-
SHA256
9a7d32706706203792a6316feb67326c4ef3adffbaeaea0aadc205d1429d325e
-
SHA512
9e095dee4f89d2516b70cf67cb062e728d9b967c29ca8d544855cfe33f4c086a4227d564b1f1cbaeb37fbf08a22af8f08ca5232fb237a572cd7daf88e1a1519d
-
SSDEEP
12288:A7oXUEg8tXrZOrVAGuiMU0g5FkgcQtSBBjvrEH7o:AEUEtXt+KLij5mgcQt+rEH7o
Static task
static1
Behavioral task
behavioral1
Sample
2024-12-09_1aea671cacb10a201ceb31346b69592e_floxif_mafia.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-12-09_1aea671cacb10a201ceb31346b69592e_floxif_mafia.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-12-09_1aea671cacb10a201ceb31346b69592e_floxif_mafia
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-