floxif | da582b21e1f414e1c445f500da9da6aeb54b91a1db8f3885a8c832187392dce2 | Triage

Submit
Reports

Overview

overview

Static

static

da582b21e1...2N.dll

windows7-x64

8

da582b21e1...2N.dll

windows10-2004-x64

5

Sharing

General

Target

da582b21e1f414e1c445f500da9da6aeb54b91a1db8f3885a8c832187392dce2N.exe
Size

76KB
Sample

250102-gn14gsyren
MD5

219d127e7d658e3f6824051767a7a9c0
SHA1

198d11814705b44da492f371a8a71c5b5c299bd1
SHA256

da582b21e1f414e1c445f500da9da6aeb54b91a1db8f3885a8c832187392dce2
SHA512

c1e466f0bd62e999c766af0e9642ba9f1ac24568e94b3204cb97e7a80779a18f0184b9e2cb53a00610b8a2bf23a105e7d2ceb4b56ec867d4e609e966b3349a5e
SSDEEP

1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Zm0s8A8Xp:c8y93KQjy7G55riF1cMo03M0s8Aep

Score

10^/10

floxif backdoor discovery persistence privilege_escalation upx

Static task

static1

backdoor upx floxif

5 signatures

Behavioral task

behavioral1

Sample

da582b21e1f414e1c445f500da9da6aeb54b91a1db8f3885a8c832187392dce2N.dll

Resource

win7-20240903-en

discovery persistence privilege_escalation upx

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

da582b21e1f414e1c445f500da9da6aeb54b91a1db8f3885a8c832187392dce2N.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Targets

- Target
  
  da582b21e1f414e1c445f500da9da6aeb54b91a1db8f3885a8c832187392dce2N.exe
- Size
  
  76KB
- MD5
  
  219d127e7d658e3f6824051767a7a9c0
- SHA1
  
  198d11814705b44da492f371a8a71c5b5c299bd1
- SHA256
  
  da582b21e1f414e1c445f500da9da6aeb54b91a1db8f3885a8c832187392dce2
- SHA512
  
  c1e466f0bd62e999c766af0e9642ba9f1ac24568e94b3204cb97e7a80779a18f0184b9e2cb53a00610b8a2bf23a105e7d2ceb4b56ec867d4e609e966b3349a5e
- SSDEEP
  
  1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Zm0s8A8Xp:c8y93KQjy7G55riF1cMo03M0s8Aep
Score

8^/10

discovery persistence privilege_escalation upx
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoorupxfloxif

behavioral1

discoverypersistenceprivilege_escalationupx

behavioral2

© 2018-2025

Terms | Privacy