General
-
Target
2024-12-30_289791b26129f06edbce0919e029c3e8_floxif_hijackloader_luca-stealer_magniber
-
Size
6.7MB
-
Sample
241230-mgfrvsxmcz
-
MD5
289791b26129f06edbce0919e029c3e8
-
SHA1
1f0ed692754098ad4c9b66e9d80701a3ebb90b12
-
SHA256
f585ad9d3945ba061756e96667915e6e863f8788018d56c6514945dc436810fa
-
SHA512
8ba2bf71cf9b2b4acd01c865924d5deda7f0320187a3cbc7a91b9bbbe7e78214af013c6f6cc02be86551eb5ac8f1d65d54f690773c997491c0f3de515ca47b91
-
SSDEEP
98304:H7vTScaK6TllY2G2XDR+NGJqUWgTDcBgxlsFydFPLbpxTaz/FQM:DTScaK6TllYq1q2wgxljPRxWL7
Static task
static1
Behavioral task
behavioral1
Sample
2024-12-30_289791b26129f06edbce0919e029c3e8_floxif_hijackloader_luca-stealer_magniber.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-12-30_289791b26129f06edbce0919e029c3e8_floxif_hijackloader_luca-stealer_magniber.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-12-30_289791b26129f06edbce0919e029c3e8_floxif_hijackloader_luca-stealer_magniber
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-