General

  • Target

    2024-12-19_d1587c570848d0b7740d3771f425ff03_floxif_mafia

  • Size

    2.4MB

  • Sample

    241219-atzpaazkhl

  • MD5

    d1587c570848d0b7740d3771f425ff03

  • SHA1

    b5df00ad4ed34595fc1df252d9a284693e1491a0

  • SHA256

    da580039a1e086bf73974891edb5f6a52a4bf814fb9452d20b4a1bb09b1323c3

  • SHA512

    75b92da0320c21ee22c91b446dba2a7818d5d923493809a2ebbb1fdbae02c36f3bb702d4e56f5cafd8c490125392daa09c74e0ef96ed5b8a5ecc5a4141749af6

  • SSDEEP

    49152:7KrktROe9nQPSX1MkzQx/y3aGj3w3WwaekigdKRMXws74eZbku0QeCouCF:ltROe9QSl30x/yKGTw3W3dWMXws7gJQO

Malware Config

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks