General
-
Target
2025-01-05_71e91fa2c91d45f5c7a81cbc7ffb13b5_floxif_mafia
-
Size
272KB
-
Sample
250105-wj35ls1pas
-
MD5
71e91fa2c91d45f5c7a81cbc7ffb13b5
-
SHA1
0927027f244500820b560941b888fee926a15779
-
SHA256
89c6804aa1c421dcaa2eab248778b8854e877546d7af823efd71857050c0a24e
-
SHA512
91f151d079d1f650df815a23588f7f28a917e4d746497aeca9ab72be6c96d7c32cafbc546581cd69a745c36a9c5365644b2ea312a5ed1aef7d671f175fd3cb4f
-
SSDEEP
6144:2MMZlyIxgMgDSkTUVsT+l2AbpLk0cusQvMRlkM4RD/qzMfUE:zMZlNkTUoG2qk0nMRGM4h/qof9
Malware Config
Targets
-
-
Target
2025-01-05_71e91fa2c91d45f5c7a81cbc7ffb13b5_floxif_mafia
-
Size
272KB
-
MD5
71e91fa2c91d45f5c7a81cbc7ffb13b5
-
SHA1
0927027f244500820b560941b888fee926a15779
-
SHA256
89c6804aa1c421dcaa2eab248778b8854e877546d7af823efd71857050c0a24e
-
SHA512
91f151d079d1f650df815a23588f7f28a917e4d746497aeca9ab72be6c96d7c32cafbc546581cd69a745c36a9c5365644b2ea312a5ed1aef7d671f175fd3cb4f
-
SSDEEP
6144:2MMZlyIxgMgDSkTUVsT+l2AbpLk0cusQvMRlkM4RD/qzMfUE:zMZlNkTUoG2qk0nMRGM4h/qof9
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Network Service Discovery
Attempt to gather information on host's network.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-