Overview

overview

10

Static

static

1

a.html

windows7-x64

3

a.html

windows10-2004-x64

10

Resubmissions

10-12-2024 13:48

241210-q4kacaxjas 8

10-12-2024 13:46

241210-q3gstswrgt 10

10-12-2024 13:44

241210-q1vxnssjgm 8

10-12-2024 13:42

241210-qzx1mssjfj 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a

  • Size

    1KB

  • Sample

    241210-q3gstswrgt

  • MD5

    d5fb513907e0bf30fd3a61a2ecd4dd51

  • SHA1

    edb774f15d961ada35f581d84d8faa5a47422850

  • SHA256

    6764182453f39a713e142b15b917a28f06bdf57cbf75f537a38dc4213555598b

  • SHA512

    c7f8e36e09fbf4d7b47c764090e368d9fd0eda8b30f60ea67c06b92c3af01b7749285f3ddafa109c08dbd14b0a78f1f82cfa4f18721ec66eb551c90567b60755

Score
10/10
floxifbackdoordiscoverytrojanupx

Malware Config

Targets

    • Target

      a

    • Size

      1KB

    • MD5

      d5fb513907e0bf30fd3a61a2ecd4dd51

    • SHA1

      edb774f15d961ada35f581d84d8faa5a47422850

    • SHA256

      6764182453f39a713e142b15b917a28f06bdf57cbf75f537a38dc4213555598b

    • SHA512

      c7f8e36e09fbf4d7b47c764090e368d9fd0eda8b30f60ea67c06b92c3af01b7749285f3ddafa109c08dbd14b0a78f1f82cfa4f18721ec66eb551c90567b60755

    Score
    10/10
    discoveryfloxifbackdoortrojanupx

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • Downloads MZ/PE file

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks