floxif | 027a609be24cf1dd81ae17298f5e17d1c8ca199d9a9fa57c7fa72a47b949289a | Triage

Submit
Reports

Overview

overview

Static

static

1

027a609be2...9a.dll

windows7-x64

027a609be2...9a.dll

windows10-2004-x64

Sharing

General

Target

027a609be24cf1dd81ae17298f5e17d1c8ca199d9a9fa57c7fa72a47b949289a
Size

1.1MB
Sample

241221-wjqjhsvnes
MD5

a721b3c61892998a0c75d22f6f852048
SHA1

c9070e2c83af9c1ed1bc9043b40e9c2f2c1cec24
SHA256

027a609be24cf1dd81ae17298f5e17d1c8ca199d9a9fa57c7fa72a47b949289a
SHA512

4e155fcd5cf281b697dcf7b450938a90bf8411dd286126e702c38ed9b4fcae6feb91676e8b03410b8410c3a08ac35b81e27b1c8c06f606be15b28f07ba5d09f4
SSDEEP

24576:V2mj42MEVQPGEo+kSYYuX/7DkbSrh/qtoT/cgB8SnLZrEH7vV:xjnMEVQuokS8vkurNqtoTkgCSnGV

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

027a609be24cf1dd81ae17298f5e17d1c8ca199d9a9fa57c7fa72a47b949289a.dll

Resource

win7-20240903-en

floxif backdoor discovery trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

027a609be24cf1dd81ae17298f5e17d1c8ca199d9a9fa57c7fa72a47b949289a.dll

Resource

win10v2004-20241007-en

floxif backdoor discovery trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  027a609be24cf1dd81ae17298f5e17d1c8ca199d9a9fa57c7fa72a47b949289a
- Size
  
  1.1MB
- MD5
  
  a721b3c61892998a0c75d22f6f852048
- SHA1
  
  c9070e2c83af9c1ed1bc9043b40e9c2f2c1cec24
- SHA256
  
  027a609be24cf1dd81ae17298f5e17d1c8ca199d9a9fa57c7fa72a47b949289a
- SHA512
  
  4e155fcd5cf281b697dcf7b450938a90bf8411dd286126e702c38ed9b4fcae6feb91676e8b03410b8410c3a08ac35b81e27b1c8c06f606be15b28f07ba5d09f4
- SSDEEP
  
  24576:V2mj42MEVQPGEo+kSYYuX/7DkbSrh/qtoT/cgB8SnLZrEH7vV:xjnMEVQuokS8vkurNqtoTkgCSnGV
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

floxifbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy