Overview

overview

10

Static

static

1

6213dfca08...0f.exe

windows7-x64

10

6213dfca08...0f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6213dfca08ec3810b0fbc2c43fd708b36bfb208375bc4d614ec474738428690f

  • Size

    286KB

  • Sample

    241226-s6q7sazjbp

  • MD5

    7fb2c4ce2f9e64ba1b17a6f4589e4419

  • SHA1

    52992e94b283a8abe9a8c6e9b2e39ac405923a6b

  • SHA256

    6213dfca08ec3810b0fbc2c43fd708b36bfb208375bc4d614ec474738428690f

  • SHA512

    f7b1268135efe7c8649896daa5511d9ed402ca751e5f2c8c3d3228990e849ad642064cf7a7f60dfa93dd211b80c634f34fe5c4cc25200ae1211ee89cf14270f5

  • SSDEEP

    6144:sP47gKNkhSR/5kHouyXnZhB+h8WHlBV+UdvrEFp7hKkXn:k47gKNkhm/JuyXnPB+h8WHlBjvrEH7Jn

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationtrojanupx

Malware Config

Targets

    • Target

      6213dfca08ec3810b0fbc2c43fd708b36bfb208375bc4d614ec474738428690f

    • Size

      286KB

    • MD5

      7fb2c4ce2f9e64ba1b17a6f4589e4419

    • SHA1

      52992e94b283a8abe9a8c6e9b2e39ac405923a6b

    • SHA256

      6213dfca08ec3810b0fbc2c43fd708b36bfb208375bc4d614ec474738428690f

    • SHA512

      f7b1268135efe7c8649896daa5511d9ed402ca751e5f2c8c3d3228990e849ad642064cf7a7f60dfa93dd211b80c634f34fe5c4cc25200ae1211ee89cf14270f5

    • SSDEEP

      6144:sP47gKNkhSR/5kHouyXnZhB+h8WHlBV+UdvrEFp7hKkXn:k47gKNkhm/JuyXnPB+h8WHlBjvrEH7Jn

    Score
    10/10
    floxifbackdoordiscoverypersistenceprivilege_escalationtrojanupx

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks