General
Target: 2024-12-11_faf100c754d6608742fe90f1481c0305_floxif_hijackloader_icedid
Size: 3.2MB
Sample: 241211-b1l77szjat
MD5: faf100c754d6608742fe90f1481c0305
SHA1: f70cc118cbce6dc1d087a6963c13f8882f3362e1
SHA256: 882d94426e9ddb052cd490e1de3401d38f8a0e83a29d58457db4607b9974f11d
SHA512: 5fbd0237844cb55aa39df6c2239a6cfa62a3f73cd2d4a080fb8b45ca462563243585328d75a4e779f31b6c6bcc8c6013e06f0e7fea8b2f8485f72e65e13f8065
SSDEEP: 49152:2KT5razBt5YsBNMqxs9j7GvQDf536Ubmezbj2PSWMNXoenbttNPBtpCW1zMs:2KMnXADyPSWMNXoSPBtMW2s
Static task: static1
Behavioral task: behavioral1
Sample: 2024-12-11_faf100c754d6608742fe90f1481c0305_floxif_hijackloader_icedid.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-12-11_faf100c754d6608742fe90f1481c0305_floxif_hijackloader_icedid.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 2024-12-11_faf100c754d6608742fe90f1481c0305_floxif_hijackloader_icedid
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-