floxif | b22ad2a4ab1735b2fb6c800b52d1fbe9608698e2e749fbd028e5c4b8d6852ecf

General

Target

b22ad2a4ab1735b2fb6c800b52d1fbe9608698e2e749fbd028e5c4b8d6852ecf
Size

1.3MB
Sample

241212-h5g8daylfq
MD5

ebf6fdf0ca889437185d81df3c7c8734
SHA1

f47ca75a4d943180e58c40293d411db9f5e2769d
SHA256

b22ad2a4ab1735b2fb6c800b52d1fbe9608698e2e749fbd028e5c4b8d6852ecf
SHA512

3e76576e0ce2860e2265ee567bfce7a69b0b5b7312786c81137fadcec509e7a081772b4639cbd4530271a8389711867121f7eecfc70479651a707f85a9471fda
SSDEEP

24576:Ws/66GbJFLBoVs9nIDak3ri91DcSF+oYPaBcrmMO4k5mBoMRGJ/qofV:WWADsbWgo/BwBvk5mBq1qM

Score

10^/10

Malware Config

Targets

- Target
  
  b22ad2a4ab1735b2fb6c800b52d1fbe9608698e2e749fbd028e5c4b8d6852ecf
- Size
  
  1.3MB
- MD5
  
  ebf6fdf0ca889437185d81df3c7c8734
- SHA1
  
  f47ca75a4d943180e58c40293d411db9f5e2769d
- SHA256
  
  b22ad2a4ab1735b2fb6c800b52d1fbe9608698e2e749fbd028e5c4b8d6852ecf
- SHA512
  
  3e76576e0ce2860e2265ee567bfce7a69b0b5b7312786c81137fadcec509e7a081772b4639cbd4530271a8389711867121f7eecfc70479651a707f85a9471fda
- SSDEEP
  
  24576:Ws/66GbJFLBoVs9nIDak3ri91DcSF+oYPaBcrmMO4k5mBoMRGJ/qofV:WWADsbWgo/BwBvk5mBq1qM
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2