floxif | d0017b52249568da59d8221f57a24a31f902a81233a80c40a3a2558c21e9c686

General

Target

d0017b52249568da59d8221f57a24a31f902a81233a80c40a3a2558c21e9c686N.exe
Size

1.7MB
Sample

241226-z8s8gs1kft
MD5

3c0de83ce19871d58c88715c13a22be0
SHA1

11f4d97d5d2061f1093d6003a4b7496f0873c3e7
SHA256

d0017b52249568da59d8221f57a24a31f902a81233a80c40a3a2558c21e9c686
SHA512

0e3643017431393fac4882c0d0e5d83b526be4dda873d477757679ba026f48a79ef60de073c3f3005de446d6bcb399813ebc426d72dd19218659d988578b3cb5
SSDEEP

24576:RcHPcgkDwhpEPQzH/tX4hzRBqXJk3wbFJjTib7DllUD47SDXj/KOYc5AmfQQRAHf:OrylBUbybfOTvDAIVRkokHT9krrkQ1qD

Score

10^/10

Malware Config

Targets

- Target
  
  d0017b52249568da59d8221f57a24a31f902a81233a80c40a3a2558c21e9c686N.exe
- Size
  
  1.7MB
- MD5
  
  3c0de83ce19871d58c88715c13a22be0
- SHA1
  
  11f4d97d5d2061f1093d6003a4b7496f0873c3e7
- SHA256
  
  d0017b52249568da59d8221f57a24a31f902a81233a80c40a3a2558c21e9c686
- SHA512
  
  0e3643017431393fac4882c0d0e5d83b526be4dda873d477757679ba026f48a79ef60de073c3f3005de446d6bcb399813ebc426d72dd19218659d988578b3cb5
- SSDEEP
  
  24576:RcHPcgkDwhpEPQzH/tX4hzRBqXJk3wbFJjTib7DllUD47SDXj/KOYc5AmfQQRAHf:OrylBUbybfOTvDAIVRkokHT9krrkQ1qD
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2