floxif | 644d100cb351e82e68fda58b32fd11298525523f89d2c0626e7cc716ea668d6c | Triage

Submit
Reports

Overview

overview

Static

static

1

644d100cb3...6c.exe

windows7-x64

644d100cb3...6c.exe

windows10-2004-x64

Sharing

General

Target

644d100cb351e82e68fda58b32fd11298525523f89d2c0626e7cc716ea668d6c
Size

234KB
Sample

241230-gm76eazqay
MD5

764dd40cf00d179c4ce3561e85ef336d
SHA1

e401470f0356d217a0444038dcaaa700108429c1
SHA256

644d100cb351e82e68fda58b32fd11298525523f89d2c0626e7cc716ea668d6c
SHA512

2386a2331eeea984fbe5d4ada723b10a8a24f466e416ac8fc2cd1fa3a182020de0f39e3795f40ea8e35ac9abd795dc1f38891dcef2a9feb0cff9a58de1da52b1
SSDEEP

3072:uwzvOYTr5YP//Q/DvbEvK9aobNI2B+flkL7OjUuxGftPyhdY55s2ZUuyNFhyzzZ1:briP//Yh9H/B+/kBV+UdvrEFp7hKpprp

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

644d100cb351e82e68fda58b32fd11298525523f89d2c0626e7cc716ea668d6c.exe

Resource

win7-20240903-en

floxif backdoor discovery trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

644d100cb351e82e68fda58b32fd11298525523f89d2c0626e7cc716ea668d6c.exe

Resource

win10v2004-20241007-en

floxif backdoor discovery trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  644d100cb351e82e68fda58b32fd11298525523f89d2c0626e7cc716ea668d6c
- Size
  
  234KB
- MD5
  
  764dd40cf00d179c4ce3561e85ef336d
- SHA1
  
  e401470f0356d217a0444038dcaaa700108429c1
- SHA256
  
  644d100cb351e82e68fda58b32fd11298525523f89d2c0626e7cc716ea668d6c
- SHA512
  
  2386a2331eeea984fbe5d4ada723b10a8a24f466e416ac8fc2cd1fa3a182020de0f39e3795f40ea8e35ac9abd795dc1f38891dcef2a9feb0cff9a58de1da52b1
- SSDEEP
  
  3072:uwzvOYTr5YP//Q/DvbEvK9aobNI2B+flkL7OjUuxGftPyhdY55s2ZUuyNFhyzzZ1:briP//Yh9H/B+/kBV+UdvrEFp7hKpprp
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

floxifbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy