floxif | d204a4c02d1155efb6dee2a7c251bddb95ef9fafa7ba41a98918d403b7caebbc

General

Target

2024-12-19_d71cd94043786f9059de8b6df5ad717d_floxif_mafia
Size

272KB
Sample

241219-avvrqaynaw
MD5

d71cd94043786f9059de8b6df5ad717d
SHA1

f0b5003536a30e1cc4cc6d2e61990f17c89a7b58
SHA256

d204a4c02d1155efb6dee2a7c251bddb95ef9fafa7ba41a98918d403b7caebbc
SHA512

d9ed9c489c7b10d46d7376ddd466189b4fdd29afa9b35e637beb8da4eb04200d3e9e50ecc60809c3fd4fc9ca56bdd0910fd9cabf30cb7197db27cb362e19d2a2
SSDEEP

6144:2yOOyIxgMgDqkTEUET+l2AbpLk0cusQvMRlkM4RD/qzMfUD:j3xkT1KG2qk0nMRGM4h/qofm

Score

10^/10

Malware Config

Targets

- Target
  
  2024-12-19_d71cd94043786f9059de8b6df5ad717d_floxif_mafia
- Size
  
  272KB
- MD5
  
  d71cd94043786f9059de8b6df5ad717d
- SHA1
  
  f0b5003536a30e1cc4cc6d2e61990f17c89a7b58
- SHA256
  
  d204a4c02d1155efb6dee2a7c251bddb95ef9fafa7ba41a98918d403b7caebbc
- SHA512
  
  d9ed9c489c7b10d46d7376ddd466189b4fdd29afa9b35e637beb8da4eb04200d3e9e50ecc60809c3fd4fc9ca56bdd0910fd9cabf30cb7197db27cb362e19d2a2
- SSDEEP
  
  6144:2yOOyIxgMgDqkTEUET+l2AbpLk0cusQvMRlkM4RD/qzMfUD:j3xkT1KG2qk0nMRGM4h/qofm
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2