floxif | cb4ab51a4abe704e86fcf009b166c66fb07f13e0e25b38635a25076fefb92135

General

Target

cb4ab51a4abe704e86fcf009b166c66fb07f13e0e25b38635a25076fefb92135N.exe
Size

1.8MB
Sample

241220-g7aewa1rfz
MD5

83789676d0b0d067eed3f1a4508bcbd0
SHA1

ff36a97db30a1afbe191884b7a26ca26f2977ea0
SHA256

cb4ab51a4abe704e86fcf009b166c66fb07f13e0e25b38635a25076fefb92135
SHA512

65c54d193929a680fcadea6146a04056cf1f8b538f4003cb2ccd1ef8b8ec388aa6fd72b5b6f5c51023d49025c4f83bdc786e51bc6d5eff98661db4d2df373226
SSDEEP

24576:qm5ZEbzBQK8xIifw9/G/vqVrPEYGLcpoThM8wpIHQtMOt1eZpMzoJiC9TKHT6gL/:bDcivDrcaT+UMzL0TKz/LruJb/21qe

Score

10^/10

Malware Config

Targets

- Target
  
  cb4ab51a4abe704e86fcf009b166c66fb07f13e0e25b38635a25076fefb92135N.exe
- Size
  
  1.8MB
- MD5
  
  83789676d0b0d067eed3f1a4508bcbd0
- SHA1
  
  ff36a97db30a1afbe191884b7a26ca26f2977ea0
- SHA256
  
  cb4ab51a4abe704e86fcf009b166c66fb07f13e0e25b38635a25076fefb92135
- SHA512
  
  65c54d193929a680fcadea6146a04056cf1f8b538f4003cb2ccd1ef8b8ec388aa6fd72b5b6f5c51023d49025c4f83bdc786e51bc6d5eff98661db4d2df373226
- SSDEEP
  
  24576:qm5ZEbzBQK8xIifw9/G/vqVrPEYGLcpoThM8wpIHQtMOt1eZpMzoJiC9TKHT6gL/:bDcivDrcaT+UMzL0TKz/LruJb/21qe
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2