floxif | 2876d1251d872d12ae869bb865d818453f75b0cce197e914a5e0f1753e1e8b9c | Triage

Submit
Reports

Overview

overview

Static

static

2876d1251d...9c.dll

windows7-x64

5

2876d1251d...9c.dll

windows10-2004-x64

8

Sharing

General

Target

2876d1251d872d12ae869bb865d818453f75b0cce197e914a5e0f1753e1e8b9c.exe
Size

76KB
Sample

241230-y1srbawrgr
MD5

00f0859ea67c1a23585c2aaec31145d6
SHA1

a5859c40164dc28fbd5eeef9ea91145d53beb74b
SHA256

2876d1251d872d12ae869bb865d818453f75b0cce197e914a5e0f1753e1e8b9c
SHA512

d8ed581ee16b5f7cee5d6c536b75cacaceeb216084d7739a9c22083465584d81babdd288aa9a12103f1727468c41026550ef0b52657a516957ff8d5f92a8a680
SSDEEP

1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Z10hu:c8y93KQjy7G55riF1cMo03Dl

Score

10^/10

floxif backdoor discovery persistence privilege_escalation upx

Static task

static1

backdoor upx floxif

5 signatures

Behavioral task

behavioral1

Sample

2876d1251d872d12ae869bb865d818453f75b0cce197e914a5e0f1753e1e8b9c.dll

Resource

win7-20240903-en

windows7-x64

5 signatures

120 seconds

Behavioral task

behavioral2

Sample

2876d1251d872d12ae869bb865d818453f75b0cce197e914a5e0f1753e1e8b9c.dll

Resource

win10v2004-20241007-en

discovery persistence privilege_escalation upx

windows10-2004-x64

6 signatures

120 seconds

Malware Config

Targets

- Target
  
  2876d1251d872d12ae869bb865d818453f75b0cce197e914a5e0f1753e1e8b9c.exe
- Size
  
  76KB
- MD5
  
  00f0859ea67c1a23585c2aaec31145d6
- SHA1
  
  a5859c40164dc28fbd5eeef9ea91145d53beb74b
- SHA256
  
  2876d1251d872d12ae869bb865d818453f75b0cce197e914a5e0f1753e1e8b9c
- SHA512
  
  d8ed581ee16b5f7cee5d6c536b75cacaceeb216084d7739a9c22083465584d81babdd288aa9a12103f1727468c41026550ef0b52657a516957ff8d5f92a8a680
- SSDEEP
  
  1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Z10hu:c8y93KQjy7G55riF1cMo03Dl
Score

8^/10

discovery upx persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoorupxfloxif

behavioral1

behavioral2

discoverypersistenceprivilege_escalationupx

© 2018-2025

Terms | Privacy