General
Target: 2024-12-14_d5e1fef64a9149399640d651fb696a1f_floxif_mafia
Size: 2.5MB
Sample: 241214-prkvnstmfr
MD5: d5e1fef64a9149399640d651fb696a1f
SHA1: 6c553ee8116f62134f7833051cf612a9ae461df0
SHA256: 403d1abc061309617142cc33247f6dee584be004d38239c51e756acd34c2e192
SHA512: b67f61a29b167d5e54d6d294255c917517868c48a82ecedfb2824bbbf47b823cc0ab3bf957cf9249c96080d256e86c8d5fcc1093ae3e73ecf24445d58ef4bc3e
SSDEEP: 49152:tuII8yofs2hPd2l177BTK2VbDsar1YDj0:tjpfs2hPIl1/z
Static task: static1
Behavioral task: behavioral1
Sample: 2024-12-14_d5e1fef64a9149399640d651fb696a1f_floxif_mafia.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2024-12-14_d5e1fef64a9149399640d651fb696a1f_floxif_mafia.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-12-14_d5e1fef64a9149399640d651fb696a1f_floxif_mafia
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-