floxif | 12f5bc8849d0a4ed55015bdc1ea5476bbff4c9dd914303633aba1bc7ed6fa806 | Triage

Submit
Reports

Overview

overview

Static

static

3

12f5bc8849...06.dll

windows7-x64

12f5bc8849...06.dll

windows10-2004-x64

Sharing

General

Target

12f5bc8849d0a4ed55015bdc1ea5476bbff4c9dd914303633aba1bc7ed6fa806
Size

116KB
Sample

250103-yq1deatlhp
MD5

46b6bd7e52c5f33086e7832675562ade
SHA1

39a6c08c4412383a98263ebef14f47fe5baa8bc6
SHA256

12f5bc8849d0a4ed55015bdc1ea5476bbff4c9dd914303633aba1bc7ed6fa806
SHA512

522b400dae4ffdfbc012713d59ac0c16ee176c5613fe20a1b5e45b79f2321d34f18b4ab4917a0f52df6586dead91371c2adeffb31190f3db4eeedc2b05ea0026
SSDEEP

1536:cvDOU9g2fdrn+k1Lo3yTN2s+zheW6BVrqzCJ3bdDY+W14N4NmzWlIA7hKRQM+pIT:cvZJZLo3U2lQBV+UdE+rECWp7hK4pti

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

12f5bc8849d0a4ed55015bdc1ea5476bbff4c9dd914303633aba1bc7ed6fa806.dll

Resource

win7-20241010-en

floxif backdoor discovery trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

12f5bc8849d0a4ed55015bdc1ea5476bbff4c9dd914303633aba1bc7ed6fa806.dll

Resource

win10v2004-20241007-en

floxif backdoor discovery trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  12f5bc8849d0a4ed55015bdc1ea5476bbff4c9dd914303633aba1bc7ed6fa806
- Size
  
  116KB
- MD5
  
  46b6bd7e52c5f33086e7832675562ade
- SHA1
  
  39a6c08c4412383a98263ebef14f47fe5baa8bc6
- SHA256
  
  12f5bc8849d0a4ed55015bdc1ea5476bbff4c9dd914303633aba1bc7ed6fa806
- SHA512
  
  522b400dae4ffdfbc012713d59ac0c16ee176c5613fe20a1b5e45b79f2321d34f18b4ab4917a0f52df6586dead91371c2adeffb31190f3db4eeedc2b05ea0026
- SSDEEP
  
  1536:cvDOU9g2fdrn+k1Lo3yTN2s+zheW6BVrqzCJ3bdDY+W14N4NmzWlIA7hKRQM+pIT:cvZJZLo3U2lQBV+UdE+rECWp7hK4pti
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

floxifbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy