Overview

overview

10

Static

static

1

c68a17bbf2...3b.exe

windows7-x64

10

c68a17bbf2...3b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c68a17bbf24e5cb29a373fb547625ec7e6f8863e18d415d5a36018cc2443523b

  • Size

    278KB

  • Sample

    241224-yrrgwswkew

  • MD5

    3f832ef01f8962e3b3701121a16d503f

  • SHA1

    03e19f5978ffe57cbb99408c91a782d25bf99d4c

  • SHA256

    c68a17bbf24e5cb29a373fb547625ec7e6f8863e18d415d5a36018cc2443523b

  • SHA512

    77b7bd3a6d7712d8f55dc907574100236cd794798a3c6da8fd7505c921e633e78346ccb8735a9e1c9d96b878da3f6c51a91ca4f81aaaca4dedf264a205d8834f

  • SSDEEP

    6144:aAtl/DRfmOC3dM7B+WCeBV+UdvrEFp7hKAV:aAtlbRfmL6B+WCeBjvrEH7DV

Score
10/10
floxifbackdoordiscoverytrojanupx

Malware Config

Targets

    • Target

      c68a17bbf24e5cb29a373fb547625ec7e6f8863e18d415d5a36018cc2443523b

    • Size

      278KB

    • MD5

      3f832ef01f8962e3b3701121a16d503f

    • SHA1

      03e19f5978ffe57cbb99408c91a782d25bf99d4c

    • SHA256

      c68a17bbf24e5cb29a373fb547625ec7e6f8863e18d415d5a36018cc2443523b

    • SHA512

      77b7bd3a6d7712d8f55dc907574100236cd794798a3c6da8fd7505c921e633e78346ccb8735a9e1c9d96b878da3f6c51a91ca4f81aaaca4dedf264a205d8834f

    • SSDEEP

      6144:aAtl/DRfmOC3dM7B+WCeBV+UdvrEFp7hKAV:aAtlbRfmL6B+WCeBjvrEH7DV

    Score
    10/10
    floxifbackdoordiscoverytrojanupx

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks