floxif | dc37a2af60f12ecda1fbbc6832c5698991d2338f031ef5dbf3a2a087e8013135

General

Target

dc37a2af60f12ecda1fbbc6832c5698991d2338f031ef5dbf3a2a087e8013135
Size

123KB
Sample

241210-hdadfsxjfs
MD5

a95005da2a9050f277ee7711f04abf3b
SHA1

c815c7b19933c43225019a0b8a9a10b4a3d92bbd
SHA256

dc37a2af60f12ecda1fbbc6832c5698991d2338f031ef5dbf3a2a087e8013135
SHA512

d6e2a962e2705432dd3424c737229a455c147f72a8b9a7252274b1272a1479447e35dc3f22669d1c840cf3acbe8270169b2f87a0c7def9bc4a0db045a260af07
SSDEEP

3072:Mdud0eNZxxZsQvVqRlkM4OAD/KLznBuB2JA2BjiU9:MduVNZ9sQvMRlkM4RD/qzMfU9

Score

10^/10

Malware Config

Targets

- Target
  
  dc37a2af60f12ecda1fbbc6832c5698991d2338f031ef5dbf3a2a087e8013135
- Size
  
  123KB
- MD5
  
  a95005da2a9050f277ee7711f04abf3b
- SHA1
  
  c815c7b19933c43225019a0b8a9a10b4a3d92bbd
- SHA256
  
  dc37a2af60f12ecda1fbbc6832c5698991d2338f031ef5dbf3a2a087e8013135
- SHA512
  
  d6e2a962e2705432dd3424c737229a455c147f72a8b9a7252274b1272a1479447e35dc3f22669d1c840cf3acbe8270169b2f87a0c7def9bc4a0db045a260af07
- SSDEEP
  
  3072:Mdud0eNZxxZsQvVqRlkM4OAD/KLznBuB2JA2BjiU9:MduVNZ9sQvMRlkM4RD/qzMfU9
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2