floxif | a52e5ae282ceef7d8b9a779422c83985945e51e877a7afa17d95d7189399686d

General

Target

a52e5ae282ceef7d8b9a779422c83985945e51e877a7afa17d95d7189399686dN.exe
Size

1.7MB
Sample

250104-vawhqsxqfy
MD5

f96efaca96a83f75c903324eab80bbb0
SHA1

2585d288d6e54f089cae775ac4ce9cafb5b7259f
SHA256

a52e5ae282ceef7d8b9a779422c83985945e51e877a7afa17d95d7189399686d
SHA512

6134c36b4d318218bc7620716c41282bb857b3394a609d7c3dd7f8e411d8e3e4d05e44f8b52f22ce515d557cf40b5f0962c32f5b768bfba2c9e5b9971eac1162
SSDEEP

24576:RcHPcgkDwhpEPQzH/tX4hzRBiXJk3wbFJjTib7DllUD4+DXj/KOvc5AmfQQRAH1+:OrylBcbybf+Tv2AIVRkokHT9krrkQ1qw

Score

10^/10

Malware Config

Targets

- Target
  
  a52e5ae282ceef7d8b9a779422c83985945e51e877a7afa17d95d7189399686dN.exe
- Size
  
  1.7MB
- MD5
  
  f96efaca96a83f75c903324eab80bbb0
- SHA1
  
  2585d288d6e54f089cae775ac4ce9cafb5b7259f
- SHA256
  
  a52e5ae282ceef7d8b9a779422c83985945e51e877a7afa17d95d7189399686d
- SHA512
  
  6134c36b4d318218bc7620716c41282bb857b3394a609d7c3dd7f8e411d8e3e4d05e44f8b52f22ce515d557cf40b5f0962c32f5b768bfba2c9e5b9971eac1162
- SSDEEP
  
  24576:RcHPcgkDwhpEPQzH/tX4hzRBiXJk3wbFJjTib7DllUD4+DXj/KOvc5AmfQQRAH1+:OrylBcbybf+Tv2AIVRkokHT9krrkQ1qw
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2