General
-
Target
2025-01-05_c60c7f9b5d9c86e94fa99ec4cdb3919e_avoslocker_floxif_luca-stealer
-
Size
7.4MB
-
Sample
250105-aq7wgsvmdz
-
MD5
c60c7f9b5d9c86e94fa99ec4cdb3919e
-
SHA1
10809861023ca5aab48ee8ad993da04a8114cb27
-
SHA256
c3361c770fbd39d23028233384972993ce8926521767555858742d42930cc0bc
-
SHA512
ffd568f2f4300e9428cb856d5f18a246648ce250f3f0f0e97ec3a8fff4081f0b710fc92a8616105bc83ce66154c493f91f8e20166da248dec64fca330128dc74
-
SSDEEP
98304:sz16s9EwkidrwQwPNz9u/ZZmDZJErbXQbZT7wIX02t:sz16gBrd3Eu/XmDZib0tt
Malware Config
Targets
-
-
Target
2025-01-05_c60c7f9b5d9c86e94fa99ec4cdb3919e_avoslocker_floxif_luca-stealer
-
Size
7.4MB
-
MD5
c60c7f9b5d9c86e94fa99ec4cdb3919e
-
SHA1
10809861023ca5aab48ee8ad993da04a8114cb27
-
SHA256
c3361c770fbd39d23028233384972993ce8926521767555858742d42930cc0bc
-
SHA512
ffd568f2f4300e9428cb856d5f18a246648ce250f3f0f0e97ec3a8fff4081f0b710fc92a8616105bc83ce66154c493f91f8e20166da248dec64fca330128dc74
-
SSDEEP
98304:sz16s9EwkidrwQwPNz9u/ZZmDZJErbXQbZT7wIX02t:sz16gBrd3Eu/XmDZib0tt
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-