Overview

overview

10

Static

static

1

2024-12-22...ia.exe

windows7-x64

10

2024-12-22...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-22_58f9dab2a9ec7af06c6d61b2b3d1fb6a_floxif_mafia

  • Size

    272KB

  • Sample

    241222-vypp4atrbv

  • MD5

    58f9dab2a9ec7af06c6d61b2b3d1fb6a

  • SHA1

    e71eebbe4820c4455ecf934a3067ab81279fc208

  • SHA256

    4f7a0be8eebdc0dd7e5fc3c04641d2f76775a9b709edb872d885781b089b4fe4

  • SHA512

    a524bf87bec387412419f42f04442f14768e1e16dee901bef8a98d91527fbf1163281a27f529f0cf68516dbf1cec29d154ef30353e2e8b429792111ab6641510

  • SSDEEP

    6144:2MMZly1bAgMgDlkTEUET+l2AbpLk0cusQvMRlkM4RD/qzMfUX3aH:zMZlWRkT1KG2qk0nMRGM4h/qof63aH

Score
10/10
floxifbackdoordiscoverytrojanupx

Malware Config

Targets

    • Target

      2024-12-22_58f9dab2a9ec7af06c6d61b2b3d1fb6a_floxif_mafia

    • Size

      272KB

    • MD5

      58f9dab2a9ec7af06c6d61b2b3d1fb6a

    • SHA1

      e71eebbe4820c4455ecf934a3067ab81279fc208

    • SHA256

      4f7a0be8eebdc0dd7e5fc3c04641d2f76775a9b709edb872d885781b089b4fe4

    • SHA512

      a524bf87bec387412419f42f04442f14768e1e16dee901bef8a98d91527fbf1163281a27f529f0cf68516dbf1cec29d154ef30353e2e8b429792111ab6641510

    • SSDEEP

      6144:2MMZly1bAgMgDlkTEUET+l2AbpLk0cusQvMRlkM4RD/qzMfUX3aH:zMZlWRkT1KG2qk0nMRGM4h/qof63aH

    Score
    10/10
    floxifbackdoordiscoverytrojanupx

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Network Service Discovery

      Attempt to gather information on host's network.

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks