Overview

overview

10

Static

static

3

2024-12-18...if.exe

windows7-x64

10

2024-12-18...if.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-18_9a4e1f99cbde6ceaa860bfd422e95a24_bkransomware_floxif

  • Size

    275KB

  • Sample

    241218-twl1ravlet

  • MD5

    9a4e1f99cbde6ceaa860bfd422e95a24

  • SHA1

    fe1de0991b4b4f57e6c83abd279eb4fbf2484d7b

  • SHA256

    2e309a29e3ed20c3b431b7b19f50cc5df31ca82fb84b708ea9fd19d5076a7f22

  • SHA512

    9387ffcaa7a50d4bd143957ec6f16109b7b682f64cc54b421ff6a843a1ec50184bbb0de2a61ada4ae995999aeda4057b74b1747316565cb0e5d47b85be0ade8e

  • SSDEEP

    6144:92DSSt60OhHLjv1nt3KPBV+UdvrEFp7hKkjjxv:92Ddt63HLpnJKPBjvrEH7Pv

Score
10/10
floxifbackdoordiscoverytrojanupx

Malware Config

Targets

    • Target

      2024-12-18_9a4e1f99cbde6ceaa860bfd422e95a24_bkransomware_floxif

    • Size

      275KB

    • MD5

      9a4e1f99cbde6ceaa860bfd422e95a24

    • SHA1

      fe1de0991b4b4f57e6c83abd279eb4fbf2484d7b

    • SHA256

      2e309a29e3ed20c3b431b7b19f50cc5df31ca82fb84b708ea9fd19d5076a7f22

    • SHA512

      9387ffcaa7a50d4bd143957ec6f16109b7b682f64cc54b421ff6a843a1ec50184bbb0de2a61ada4ae995999aeda4057b74b1747316565cb0e5d47b85be0ade8e

    • SSDEEP

      6144:92DSSt60OhHLjv1nt3KPBV+UdvrEFp7hKkjjxv:92Ddt63HLpnJKPBjvrEH7Pv

    Score
    10/10
    floxifbackdoordiscoverytrojanupx

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks