Overview

overview

10

Static

static

1

2025-01-04...id.exe

windows7-x64

10

2025-01-04...id.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-04_6fce34d2954449108c250354fd9dbb0a_floxif_icedid

  • Size

    869KB

  • Sample

    250104-cp2n7aykfm

  • MD5

    6fce34d2954449108c250354fd9dbb0a

  • SHA1

    f4badbb72fe9cb1a4ad03213e63a254bb226aa2f

  • SHA256

    a77ca398aa760c0a2a1b7f2f50f5f2cc04135c3d8f753cb6341ab75f522aaad7

  • SHA512

    e2506530e8fbeb24b923ad5c5e08f219fad50e119d8cf2891eee8a69216cd716dff4aaeadcd1c6ffa2a97d7fa695945b082cea812384269a05f50acd646008f7

  • SSDEEP

    12288:C/AwQ9izQ467mwAyKa9vRlN3LUcqC0EWUjBjvrEH7H:C/AwQO5wR1lN3L1qC0EF5rEH7H

Score
10/10
floxifbackdoordiscoverytrojanupx

Malware Config

Targets

    • Target

      2025-01-04_6fce34d2954449108c250354fd9dbb0a_floxif_icedid

    • Size

      869KB

    • MD5

      6fce34d2954449108c250354fd9dbb0a

    • SHA1

      f4badbb72fe9cb1a4ad03213e63a254bb226aa2f

    • SHA256

      a77ca398aa760c0a2a1b7f2f50f5f2cc04135c3d8f753cb6341ab75f522aaad7

    • SHA512

      e2506530e8fbeb24b923ad5c5e08f219fad50e119d8cf2891eee8a69216cd716dff4aaeadcd1c6ffa2a97d7fa695945b082cea812384269a05f50acd646008f7

    • SSDEEP

      12288:C/AwQ9izQ467mwAyKa9vRlN3LUcqC0EWUjBjvrEH7H:C/AwQO5wR1lN3L1qC0EF5rEH7H

    Score
    10/10
    floxifbackdoordiscoverytrojanupx

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks