Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

8d92dce4d8...3N.dll

windows7-x64

10

8d92dce4d8...3N.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d92dce4d8d5055748174f2661b5414a4690877110b9c3563566a09176b82353N.exe

  • Size

    624KB

  • Sample

    241226-wdtc8atkfj

  • MD5

    86e906b0609c0d77772c5c99cc354680

  • SHA1

    041ecf8cf1dabde2935b25107b87cfff3d36fd91

  • SHA256

    8d92dce4d8d5055748174f2661b5414a4690877110b9c3563566a09176b82353

  • SHA512

    077f82a345b420a19715a69e38c6bab2b7722fc2dfef377cfc945046ec9675a24b3a07382e5a5dd02368265b3b2d1d63ccae552aa36e5ab4e9d9dc563b826df7

  • SSDEEP

    12288:zVrpVOWjc8SBe+CLA/7DxWSQ9npqBL9EXtwJcBjvrEH7H2:AqxSBew/JBUpqBL9qtKWrEH7H2

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationtrojanupx

Malware Config

Targets

    • Target

      8d92dce4d8d5055748174f2661b5414a4690877110b9c3563566a09176b82353N.exe

    • Size

      624KB

    • MD5

      86e906b0609c0d77772c5c99cc354680

    • SHA1

      041ecf8cf1dabde2935b25107b87cfff3d36fd91

    • SHA256

      8d92dce4d8d5055748174f2661b5414a4690877110b9c3563566a09176b82353

    • SHA512

      077f82a345b420a19715a69e38c6bab2b7722fc2dfef377cfc945046ec9675a24b3a07382e5a5dd02368265b3b2d1d63ccae552aa36e5ab4e9d9dc563b826df7

    • SSDEEP

      12288:zVrpVOWjc8SBe+CLA/7DxWSQ9npqBL9EXtwJcBjvrEH7H2:AqxSBew/JBUpqBL9qtKWrEH7H2

    Score
    10/10
    floxifbackdoordiscoverytrojanupxpersistenceprivilege_escalation

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks