floxif | f3e73ca804d19ae1bebabc157d50f5e6b7818ae27a5c5b0876e3bd5079c601fe | Triage

Submit
Reports

Overview

overview

Static

static

f3e73ca804...eN.dll

windows7-x64

8

f3e73ca804...eN.dll

windows10-2004-x64

5

Sharing

General

Target

f3e73ca804d19ae1bebabc157d50f5e6b7818ae27a5c5b0876e3bd5079c601feN.exe
Size

76KB
Sample

250104-3ykp5stngs
MD5

684d997b631e6e8ba4358ce092aa61b0
SHA1

c29c2f639339be9547cf8d559cc9aabeed5867fc
SHA256

f3e73ca804d19ae1bebabc157d50f5e6b7818ae27a5c5b0876e3bd5079c601fe
SHA512

cff2c5b4a4c7542bef9c6ccbf70ea163934a0cfe680329f6aa74fe32a542deb9ffce0fed1da58ced0cd3cd57a98460ebee641cbe4f501a21c0924005fb95c743
SSDEEP

1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZkHeCKEt6C:c8y93KQjy7G55riF1cMo03iOEt6C

Score

10^/10

floxif backdoor discovery persistence privilege_escalation upx

Static task

static1

backdoor upx floxif

5 signatures

Behavioral task

behavioral1

Sample

f3e73ca804d19ae1bebabc157d50f5e6b7818ae27a5c5b0876e3bd5079c601feN.dll

Resource

win7-20240903-en

discovery persistence privilege_escalation upx

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

f3e73ca804d19ae1bebabc157d50f5e6b7818ae27a5c5b0876e3bd5079c601feN.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Targets

- Target
  
  f3e73ca804d19ae1bebabc157d50f5e6b7818ae27a5c5b0876e3bd5079c601feN.exe
- Size
  
  76KB
- MD5
  
  684d997b631e6e8ba4358ce092aa61b0
- SHA1
  
  c29c2f639339be9547cf8d559cc9aabeed5867fc
- SHA256
  
  f3e73ca804d19ae1bebabc157d50f5e6b7818ae27a5c5b0876e3bd5079c601fe
- SHA512
  
  cff2c5b4a4c7542bef9c6ccbf70ea163934a0cfe680329f6aa74fe32a542deb9ffce0fed1da58ced0cd3cd57a98460ebee641cbe4f501a21c0924005fb95c743
- SSDEEP
  
  1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZkHeCKEt6C:c8y93KQjy7G55riF1cMo03iOEt6C
Score

8^/10

discovery persistence privilege_escalation upx
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoorupxfloxif

behavioral1

discoverypersistenceprivilege_escalationupx

behavioral2

© 2018-2025

Terms | Privacy