General
Target: 2024-12-17_51a043864215023dff10e87b3cd06615_floxif_mafia
Size: 708KB
Sample: 241217-x28cqawpbq
MD5: 51a043864215023dff10e87b3cd06615
SHA1: 04ab10797f6ffb1cd6b8fca81ab4b1731e363c85
SHA256: 5ce932db5fbba36d9fcdca672b3bf797ad97b6c8def44579ecbacd1652ceac44
SHA512: 98f33b9eb85749621bba1c89f6bdaf82437cf816d06044d53d45b35d2a0ac9b381b1a756eef0b49c1c1a28e42cdc029a700b6d0aef5a3e88d35febaebf4fc326
SSDEEP: 12288:uvN7t3capRpLJt9t8CJpBQidO72sZTsWbVKFFf3FRcow6JVBjvrEH7c765B1:uNtMapztlpFVsZTnbVy9FRcVKbrEH7cE
Static task: static1

Behavioral task: behavioral1
Sample: 2024-12-17_51a043864215023dff10e87b3cd06615_floxif_mafia.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 2024-12-17_51a043864215023dff10e87b3cd06615_floxif_mafia.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Floxif family

Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL