floxif | dc0e23745efa53665e2c13299bb3e4b4aba7f28b992fc5f432b7a57cb271ed66 | Triage

Submit
Reports

Overview

overview

Static

static

dc0e23745e...66.dll

windows7-x64

8

dc0e23745e...66.dll

windows10-2004-x64

6

Sharing

General

Target

dc0e23745efa53665e2c13299bb3e4b4aba7f28b992fc5f432b7a57cb271ed66.exe
Size

80KB
Sample

241219-gnfgsasldp
MD5

5e1d0bee95b9cfbc68ea9ad33d83dd5c
SHA1

4d35b3c376b35baac236bd94e20d0ad0344654f7
SHA256

dc0e23745efa53665e2c13299bb3e4b4aba7f28b992fc5f432b7a57cb271ed66
SHA512

bbd86da8573e452ca31189bf5896db594ea0315e8d3d26bbc9ec5ee4241e0e197de174ab6a91106f004b4cd9bbc5349de04a94d33df72ed21f738b79bd6f5114
SSDEEP

1536:uIcs6msUvrh8ErMInQ+4cw9NVWfjaRkE4LEl8B60Y2lfxxHZPEX:dcs6v68Erj3w9zWf+SEFuk0/pfP6

Score

10^/10

floxif backdoor discovery upx

Static task

static1

backdoor upx floxif

5 signatures

Behavioral task

behavioral1

Sample

dc0e23745efa53665e2c13299bb3e4b4aba7f28b992fc5f432b7a57cb271ed66.dll

Resource

win7-20240729-en

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

dc0e23745efa53665e2c13299bb3e4b4aba7f28b992fc5f432b7a57cb271ed66.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

120 seconds

Malware Config

Targets

- Target
  
  dc0e23745efa53665e2c13299bb3e4b4aba7f28b992fc5f432b7a57cb271ed66.exe
- Size
  
  80KB
- MD5
  
  5e1d0bee95b9cfbc68ea9ad33d83dd5c
- SHA1
  
  4d35b3c376b35baac236bd94e20d0ad0344654f7
- SHA256
  
  dc0e23745efa53665e2c13299bb3e4b4aba7f28b992fc5f432b7a57cb271ed66
- SHA512
  
  bbd86da8573e452ca31189bf5896db594ea0315e8d3d26bbc9ec5ee4241e0e197de174ab6a91106f004b4cd9bbc5349de04a94d33df72ed21f738b79bd6f5114
- SSDEEP
  
  1536:uIcs6msUvrh8ErMInQ+4cw9NVWfjaRkE4LEl8B60Y2lfxxHZPEX:dcs6v68Erj3w9zWf+SEFuk0/pfP6
Score

8^/10

discovery upx
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoorupxfloxif

behavioral1

behavioral2

© 2018-2025

Terms | Privacy