General
Target: 2024-12-13_df333d85d5056d415822997eaceec252_floxif_mafia
Size: 2.5MB
Sample: 241213-3cnvnssqdn
MD5: df333d85d5056d415822997eaceec252
SHA1: 93dea5ac23b6888b9ec3bc7857dfc79a7847a46b
SHA256: 1d7438e97e2df9baf14c6d7c34771e9c0fe62467767a79c2018488f6e4741d68
SHA512: c1e1ba98e6461bc1894800051f27ae2452f1cdf3546e73cbc2ad297a2c32cc1d2312a73a38c6c2c2f83e119ae910328e8ff4eb42f4d073a6163ca56e750a7c7c
SSDEEP: 49152:pmhcbMDOyZLivN3iK0fqOw7XYym7U4aFvsO1CThFhu7vLruwqf+ty:pmpiyZuvN3GiOw7XSU4aFvsO1X7v+

Static task: static1

Behavioral task: behavioral1
Sample: 2024-12-13_df333d85d5056d415822997eaceec252_floxif_mafia.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: 2024-12-13_df333d85d5056d415822997eaceec252_floxif_mafia.exe
Resource: win10v2004-20241007-en

Malware Config
Targets
Target: 2024-12-13_df333d85d5056d415822997eaceec252_floxif_mafia

Floxif family

Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL