Overview

overview

10

Static

static

1

2024-12-12...ia.exe

windows7-x64

10

2024-12-12...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-12_d630cc6cd9ac4bfb2d5c22ca26d65667_floxif_mafia

  • Size

    272KB

  • Sample

    241212-avs8wsyldj

  • MD5

    d630cc6cd9ac4bfb2d5c22ca26d65667

  • SHA1

    618cff5185be189876be1ae6b4bf5a51cfc01acf

  • SHA256

    4763c34327c178506011872d8b555bf4ae0483989273777dc278d5586daeba30

  • SHA512

    4d3a3fc00b6f1c8b7c174c80b786e9699a42c66e91b4844f20cda16bed89311c4e45ec5380e98cb52ecb95cbd9c694837cf9534b4293f02e2ff454657f6df135

  • SSDEEP

    6144:2MMZlyIxgMgDDkTEUEiCoAbpLk0cusQvMRlkM4RD/qzMfUAhm:zMZlwkT1L3qk0nMRGM4h/qofJhm

Score
10/10
floxifbackdoordiscoverytrojanupx

Malware Config

Targets

    • Target

      2024-12-12_d630cc6cd9ac4bfb2d5c22ca26d65667_floxif_mafia

    • Size

      272KB

    • MD5

      d630cc6cd9ac4bfb2d5c22ca26d65667

    • SHA1

      618cff5185be189876be1ae6b4bf5a51cfc01acf

    • SHA256

      4763c34327c178506011872d8b555bf4ae0483989273777dc278d5586daeba30

    • SHA512

      4d3a3fc00b6f1c8b7c174c80b786e9699a42c66e91b4844f20cda16bed89311c4e45ec5380e98cb52ecb95cbd9c694837cf9534b4293f02e2ff454657f6df135

    • SSDEEP

      6144:2MMZlyIxgMgDDkTEUEiCoAbpLk0cusQvMRlkM4RD/qzMfUAhm:zMZlwkT1L3qk0nMRGM4h/qofJhm

    Score
    10/10
    floxifbackdoordiscoverytrojanupx

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Network Service Discovery

      Attempt to gather information on host's network.

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks