General
-
Target
2024-12-25_05c893f76c4a47fef0252bb9273394f9_floxif_hijackloader_icedid
-
Size
3.2MB
-
Sample
241225-w1xn6a1rew
-
MD5
05c893f76c4a47fef0252bb9273394f9
-
SHA1
20efe22390c843a40b8d9eaba60182aaefb7650a
-
SHA256
907f6701615234da8716c1b20f1587412f0719a162850040fa2ca114182de601
-
SHA512
52bd9e79f9e78113be86069fef0949ea3a6ea411b937fd75414c6bb20d0df7488a3c59b0d85e78ed990b61897e6cab7144a5d31dcc8d92bbe58d010258d26e70
-
SSDEEP
49152:2KT5razB15YsBNMqxs9j7GvQDf536Ubmezbj2PSWMNtoenbt5NPBtpCW1zMQ1qM:2KMHXADyPSWMNtoKPBtMW2QUM
Malware Config
Targets
-
-
Target
2024-12-25_05c893f76c4a47fef0252bb9273394f9_floxif_hijackloader_icedid
-
Size
3.2MB
-
MD5
05c893f76c4a47fef0252bb9273394f9
-
SHA1
20efe22390c843a40b8d9eaba60182aaefb7650a
-
SHA256
907f6701615234da8716c1b20f1587412f0719a162850040fa2ca114182de601
-
SHA512
52bd9e79f9e78113be86069fef0949ea3a6ea411b937fd75414c6bb20d0df7488a3c59b0d85e78ed990b61897e6cab7144a5d31dcc8d92bbe58d010258d26e70
-
SSDEEP
49152:2KT5razB15YsBNMqxs9j7GvQDf536Ubmezbj2PSWMNtoenbt5NPBtpCW1zMQ1qM:2KMHXADyPSWMNtoKPBtMW2QUM
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Network Service Discovery
Attempt to gather information on host's network.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-