floxif | afbe9d9ccd4b3d867617a6f6ffab8d33cbfa51ba8b2dc86304bed22472696c44

General

Target

afbe9d9ccd4b3d867617a6f6ffab8d33cbfa51ba8b2dc86304bed22472696c44
Size

304KB
Sample

250103-cz6e5awjdt
MD5

99a8f9b0744a9bd51daefd91895fc65b
SHA1

0cd4cbcda345917f91b6b246d4b50e75e148457a
SHA256

afbe9d9ccd4b3d867617a6f6ffab8d33cbfa51ba8b2dc86304bed22472696c44
SHA512

941e3cf23700207a17647d854b6184969e709af0f6ddb3029276be6be0b1602ddc786f401cc1dc9a08a464ee546b2d517eefc98bd1baa84bd3ae831e92c24420
SSDEEP

3072:XLWyS8fUjVkmmdzjsQvVqRlkM4OAD/KLznBuB2JA2BjZ1G:ayTfURkJsQvMRlkM4RD/qzMfUN1G

Score

10^/10

Malware Config

Targets

- Target
  
  afbe9d9ccd4b3d867617a6f6ffab8d33cbfa51ba8b2dc86304bed22472696c44
- Size
  
  304KB
- MD5
  
  99a8f9b0744a9bd51daefd91895fc65b
- SHA1
  
  0cd4cbcda345917f91b6b246d4b50e75e148457a
- SHA256
  
  afbe9d9ccd4b3d867617a6f6ffab8d33cbfa51ba8b2dc86304bed22472696c44
- SHA512
  
  941e3cf23700207a17647d854b6184969e709af0f6ddb3029276be6be0b1602ddc786f401cc1dc9a08a464ee546b2d517eefc98bd1baa84bd3ae831e92c24420
- SSDEEP
  
  3072:XLWyS8fUjVkmmdzjsQvVqRlkM4OAD/KLznBuB2JA2BjZ1G:ayTfURkJsQvMRlkM4RD/qzMfUN1G
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2