General

  • Target

    2025-01-04_0957040449fd45eb0cb04ad0abd55f49_floxif_mafia

  • Size

    306KB

  • Sample

    250104-pj88asypgy

  • MD5

    0957040449fd45eb0cb04ad0abd55f49

  • SHA1

    62879dff8068ffda52c59164ad24f7c1e37a4347

  • SHA256

    b836c8a0d5def0198309bad4e54bda6e4f0004137e0176236c123b49aea09671

  • SHA512

    775c280b2eef5096f116c06a664e8104856781e6e6141697aa163fa17b3c327c5f3a4085fe376bc2cdd3564475431c1d7381c6b429c59611b051fbf4f6b9ab3b

  • SSDEEP

    6144:02MNLF0O+gSqWxrAbX1yqNNAQHSYvBV+UdvrEFp7hK1w/GI:0/H0OSqWxsbXgSiYvBjvrEH7kw/GI

Malware Config

Targets


    • Floxif family

    • Floxif, Floodfix

      Floxif, also known as FloodFix, is a file-modifying trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects files protected with the ACProtect packer.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks