Overview

overview

10

Static

static

1

2024-12-13...er.exe

windows7-x64

10

2024-12-13...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-13_2012f8ce69fc1812c81be512ec55b622_bkransomware_floxif_hijackloader

  • Size

    2.0MB

  • Sample

    241213-aqv7pasnf1

  • MD5

    2012f8ce69fc1812c81be512ec55b622

  • SHA1

    fe63aba101f73181713502612b7e90f440a38522

  • SHA256

    6bc2bd496ce4fb0fe2fe326a12f354ee4309945c650833b9f284a3f57ee2384c

  • SHA512

    27f36047a4f39c9743b595dcf6063365848592d177b17e908413f6d1e072a3d376daaaf11e107adab069c9d11f83f52429cc9117730bb671e28f74851d260530

  • SSDEEP

    49152:Dk0eL5nJIioHlq+c6gXR92IISNbecXxHDoxf3M7sSZOZVVNa6ZEz0:Dkx5nHoHlq+c6y92IBRecXxHUxf3M7s1

Score
10/10
floxifbackdoordiscoverytrojanupx

Malware Config

Targets

    • Target

      2024-12-13_2012f8ce69fc1812c81be512ec55b622_bkransomware_floxif_hijackloader

    • Size

      2.0MB

    • MD5

      2012f8ce69fc1812c81be512ec55b622

    • SHA1

      fe63aba101f73181713502612b7e90f440a38522

    • SHA256

      6bc2bd496ce4fb0fe2fe326a12f354ee4309945c650833b9f284a3f57ee2384c

    • SHA512

      27f36047a4f39c9743b595dcf6063365848592d177b17e908413f6d1e072a3d376daaaf11e107adab069c9d11f83f52429cc9117730bb671e28f74851d260530

    • SSDEEP

      49152:Dk0eL5nJIioHlq+c6gXR92IISNbecXxHDoxf3M7sSZOZVVNa6ZEz0:Dkx5nHoHlq+c6y92IBRecXxHUxf3M7s1

    Score
    10/10
    floxifbackdoordiscoverytrojanupx

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks