floxif | 201036c4387369e63c11a56571f6f540874a5605592db368431ab1e86be76bb2

General

Target

201036c4387369e63c11a56571f6f540874a5605592db368431ab1e86be76bb2N.exe
Size

1.5MB
Sample

241219-adrczaynem
MD5

29fe922e1390597ec7adb9182cb31670
SHA1

3610b4e0f739cc3f6f5a775f286e7c84c0450a97
SHA256

201036c4387369e63c11a56571f6f540874a5605592db368431ab1e86be76bb2
SHA512

3625f64c7272a758902eeb2c2f8f892fb6f434ed1f0b18229f1bc04c8619a332bd1796194264aaed4bf8028c2c5ab1ad6ff1e827d7e050902d02e390c30df788
SSDEEP

24576:naM84oHVJQgsGNbBNXjo2dj7MM1ebXh040Uf5GtaudomjI23yvNHm0L4+kMRGJ/s:aM84wL7U2pIM1KhcUf5Gt3db0b491qL

Score

10^/10

Malware Config

Targets

- Target
  
  201036c4387369e63c11a56571f6f540874a5605592db368431ab1e86be76bb2N.exe
- Size
  
  1.5MB
- MD5
  
  29fe922e1390597ec7adb9182cb31670
- SHA1
  
  3610b4e0f739cc3f6f5a775f286e7c84c0450a97
- SHA256
  
  201036c4387369e63c11a56571f6f540874a5605592db368431ab1e86be76bb2
- SHA512
  
  3625f64c7272a758902eeb2c2f8f892fb6f434ed1f0b18229f1bc04c8619a332bd1796194264aaed4bf8028c2c5ab1ad6ff1e827d7e050902d02e390c30df788
- SSDEEP
  
  24576:naM84oHVJQgsGNbBNXjo2dj7MM1ebXh040Uf5GtaudomjI23yvNHm0L4+kMRGJ/s:aM84wL7U2pIM1KhcUf5Gt3db0b491qL
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Executes dropped EXE

Loads dropped DLL

Network Service Discovery

Drops file in System32 directory

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2