General
-
Target
2025-01-07_e96f3d22ed27a0d3449834ff9a6d9311_floxif_hijackloader_mafia
-
Size
562KB
-
Sample
250107-tv1shsymey
-
MD5
e96f3d22ed27a0d3449834ff9a6d9311
-
SHA1
7787b63ab97aba5778ea4d85247f2139d5430777
-
SHA256
deabbe9a342db8a233cd088fbc48efd61fad52ab2869013a54cf9cea6bc791f0
-
SHA512
15887cb529056636dffbf20b18f7f8e42ea1a9cd9ddb5bdd3e44b708d9ff9546ddaa857311ea2c29982201ef253cbfaea2bb1f81e311d707db0ffcefdd67c1d6
-
SSDEEP
12288:gnR+T6j6X+UjH7wEGY45uSlvdGWBjvrEH7Q:gnR+T62+U776kivd1rEH7Q
Malware Config
Targets
-
-
Target
2025-01-07_e96f3d22ed27a0d3449834ff9a6d9311_floxif_hijackloader_mafia
-
Size
562KB
-
MD5
e96f3d22ed27a0d3449834ff9a6d9311
-
SHA1
7787b63ab97aba5778ea4d85247f2139d5430777
-
SHA256
deabbe9a342db8a233cd088fbc48efd61fad52ab2869013a54cf9cea6bc791f0
-
SHA512
15887cb529056636dffbf20b18f7f8e42ea1a9cd9ddb5bdd3e44b708d9ff9546ddaa857311ea2c29982201ef253cbfaea2bb1f81e311d707db0ffcefdd67c1d6
-
SSDEEP
12288:gnR+T6j6X+UjH7wEGY45uSlvdGWBjvrEH7Q:gnR+T62+U776kivd1rEH7Q
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-