General
-
Target
2024-12-18_1b5bd62be6f60dc09907951463782d34_floxif_mafia
-
Size
2.5MB
-
Sample
241218-pm1qbszner
-
MD5
1b5bd62be6f60dc09907951463782d34
-
SHA1
6f5d0ecfc96f2275a77d00e25cf37fa92ff8643c
-
SHA256
fb29a11d9922ce6458004c508c020212674b9b3ee83abefdb70faee087f485c2
-
SHA512
df6a615b9372d537c7d1ec2f3846e84f2e2b53d3dcb98ed3896a3e7dadd1d4e842fc8776d47e3c768440f595f46cc8d5497a779718694a14ff151c56a7dde769
-
SSDEEP
49152:tuIsK0ofs2hPd2l177BTK2VbDsar1YDjP:tjxfs2hPIl1/c
Malware Config
Targets
-
-
Target
2024-12-18_1b5bd62be6f60dc09907951463782d34_floxif_mafia
-
Size
2.5MB
-
MD5
1b5bd62be6f60dc09907951463782d34
-
SHA1
6f5d0ecfc96f2275a77d00e25cf37fa92ff8643c
-
SHA256
fb29a11d9922ce6458004c508c020212674b9b3ee83abefdb70faee087f485c2
-
SHA512
df6a615b9372d537c7d1ec2f3846e84f2e2b53d3dcb98ed3896a3e7dadd1d4e842fc8776d47e3c768440f595f46cc8d5497a779718694a14ff151c56a7dde769
-
SSDEEP
49152:tuIsK0ofs2hPd2l177BTK2VbDsar1YDjP:tjxfs2hPIl1/c
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-