floxif | 44768845763b4705f5ae05b0a53e3a3f36802917a193ed89c02b87ca74947a1a | Triage

Submit
Reports

Overview

overview

Static

static

1

2024-12-11...ch.exe

windows7-x64

2024-12-11...ch.exe

windows10-2004-x64

Sharing

General

Target

2024-12-11_3248f534f3368c1a4918e2ddba0d74d2_floxif_poet-rat_snatch
Size

8.7MB
Sample

241211-tcmg6stnhm
MD5

3248f534f3368c1a4918e2ddba0d74d2
SHA1

56315c4160c67195e751c6a324e028f6268723c5
SHA256

44768845763b4705f5ae05b0a53e3a3f36802917a193ed89c02b87ca74947a1a
SHA512

e09509de4ebfef246f03960170e02f940cf8f31710cae2c1649b08180c25800350f1b9cedb0bb6e9537ce098379d4ac8be780b04d0c11abea723e408a231ca8b
SSDEEP

98304:Lvn2TfhLyWbvVqGwzuCVCKEzCavuugvEYvHlnr9wXfr:Lvn+hLy4VnwzuCVCK8Cjv1g

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

2024-12-11_3248f534f3368c1a4918e2ddba0d74d2_floxif_poet-rat_snatch.exe

Resource

win7-20240903-en

floxif backdoor discovery trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-12-11_3248f534f3368c1a4918e2ddba0d74d2_floxif_poet-rat_snatch.exe

Resource

win10v2004-20241007-en

floxif backdoor discovery trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-12-11_3248f534f3368c1a4918e2ddba0d74d2_floxif_poet-rat_snatch
- Size
  
  8.7MB
- MD5
  
  3248f534f3368c1a4918e2ddba0d74d2
- SHA1
  
  56315c4160c67195e751c6a324e028f6268723c5
- SHA256
  
  44768845763b4705f5ae05b0a53e3a3f36802917a193ed89c02b87ca74947a1a
- SHA512
  
  e09509de4ebfef246f03960170e02f940cf8f31710cae2c1649b08180c25800350f1b9cedb0bb6e9537ce098379d4ac8be780b04d0c11abea723e408a231ca8b
- SSDEEP
  
  98304:Lvn2TfhLyWbvVqGwzuCVCKEzCavuugvEYvHlnr9wXfr:Lvn+hLy4VnwzuCVCK8Cjv1g
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

floxifbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy