floxif | 328f033dad3a97eb51c9d9b1561cf703d7376b3d24ec5328a2038cc9b34ee15f | Triage

Submit
Reports

Overview

overview

Static

static

1

2024-12-29...ia.exe

windows7-x64

2024-12-29...ia.exe

windows10-2004-x64

Sharing

General

Target

2024-12-29_f09a314617870028095236cd2506219a_floxif_mafia
Size

5.8MB
Sample

241229-ydaxzswldv
MD5

f09a314617870028095236cd2506219a
SHA1

d5ddf0e623b763d1758a723f48afc79c1346d315
SHA256

328f033dad3a97eb51c9d9b1561cf703d7376b3d24ec5328a2038cc9b34ee15f
SHA512

c860d537370a2a39132f56051b052002f0dccafa2a60d8dae33f3182bc7cd80f899041b832c58adf8d72deb9b892a6999c9b000a2c0e82066791a1ebcf38393f
SSDEEP

98304:WAPh2maE8/FLGK13R7RIS7M2BsB2tFXFWcQ6DcffluOwi4YJZBRb4fiaBp7o8da7:W2raE8/NBU2EiDcffIU8da7

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

2024-12-29_f09a314617870028095236cd2506219a_floxif_mafia.exe

Resource

win7-20240903-en

floxif backdoor discovery trojan upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-12-29_f09a314617870028095236cd2506219a_floxif_mafia.exe

Resource

win10v2004-20241007-en

floxif backdoor discovery trojan upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-12-29_f09a314617870028095236cd2506219a_floxif_mafia
- Size
  
  5.8MB
- MD5
  
  f09a314617870028095236cd2506219a
- SHA1
  
  d5ddf0e623b763d1758a723f48afc79c1346d315
- SHA256
  
  328f033dad3a97eb51c9d9b1561cf703d7376b3d24ec5328a2038cc9b34ee15f
- SHA512
  
  c860d537370a2a39132f56051b052002f0dccafa2a60d8dae33f3182bc7cd80f899041b832c58adf8d72deb9b892a6999c9b000a2c0e82066791a1ebcf38393f
- SSDEEP
  
  98304:WAPh2maE8/FLGK13R7RIS7M2BsB2tFXFWcQ6DcffluOwi4YJZBRb4fiaBp7o8da7:W2raE8/NBU2EiDcffIU8da7
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

floxifbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy