floxif | 1a6bd867c9b57363119f35ddfcd5acde4e1db722bd628be40fcbf0e33c213147

General

Target

1a6bd867c9b57363119f35ddfcd5acde4e1db722bd628be40fcbf0e33c213147N.exe
Size

2.5MB
Sample

241219-dx96zavqey
MD5

a382f65cd14549bec10a56d43550e120
SHA1

eeb9b38d2ec3224dc5a748e967b1e2911a1f465c
SHA256

1a6bd867c9b57363119f35ddfcd5acde4e1db722bd628be40fcbf0e33c213147
SHA512

dbec5acaf07e42f7462905f58e13a17f769c64c4585963546d06d967933613614e4808591828cb022b4d7dc5732d5263119b6fc4001c2bf74d9fafe90eb0b657
SSDEEP

49152:FB1S7n7zOH0/343A/aT9C0DZonjpy5aoSKrBda7xJ1qP:gOU/34Q/WyuBda7xJUP

Score

10^/10

Malware Config

Targets

- Target
  
  1a6bd867c9b57363119f35ddfcd5acde4e1db722bd628be40fcbf0e33c213147N.exe
- Size
  
  2.5MB
- MD5
  
  a382f65cd14549bec10a56d43550e120
- SHA1
  
  eeb9b38d2ec3224dc5a748e967b1e2911a1f465c
- SHA256
  
  1a6bd867c9b57363119f35ddfcd5acde4e1db722bd628be40fcbf0e33c213147
- SHA512
  
  dbec5acaf07e42f7462905f58e13a17f769c64c4585963546d06d967933613614e4808591828cb022b4d7dc5732d5263119b6fc4001c2bf74d9fafe90eb0b657
- SSDEEP
  
  49152:FB1S7n7zOH0/343A/aT9C0DZonjpy5aoSKrBda7xJ1qP:gOU/34Q/WyuBda7xJUP
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2