Overview

overview

10

Static

static

3

JaffaCakes...8d.exe

windows7-x64

10

JaffaCakes...8d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_ade97ee2d8365bac817b0ce3c933cd8d

  • Size

    408KB

  • Sample

    250108-1f4desvjev

  • MD5

    ade97ee2d8365bac817b0ce3c933cd8d

  • SHA1

    3c01c46b6f14a5e752b78c7bd7916cfea7cb81ef

  • SHA256

    8d5b572415a417017f3cac4151ee47381999a7826c09553160512310314aec68

  • SHA512

    77e5d1c56ce91c9650b6c5aa70b7d887214aa4a5228fbc31a283ea6f2900dbdbfa4e84dcd5051f58023f4e369dbe0050c23970daf7ea284ae0d9d72910706d13

  • SSDEEP

    12288:OaI7cLZ/ngbp1pId1J0RRbqIWBjvrEH7z:MYqbC1J6ArEH7z

Score
10/10
floxifbackdoordiscoverypersistenceprivilege_escalationtrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_ade97ee2d8365bac817b0ce3c933cd8d

    • Size

      408KB

    • MD5

      ade97ee2d8365bac817b0ce3c933cd8d

    • SHA1

      3c01c46b6f14a5e752b78c7bd7916cfea7cb81ef

    • SHA256

      8d5b572415a417017f3cac4151ee47381999a7826c09553160512310314aec68

    • SHA512

      77e5d1c56ce91c9650b6c5aa70b7d887214aa4a5228fbc31a283ea6f2900dbdbfa4e84dcd5051f58023f4e369dbe0050c23970daf7ea284ae0d9d72910706d13

    • SSDEEP

      12288:OaI7cLZ/ngbp1pId1J0RRbqIWBjvrEH7z:MYqbC1J6ArEH7z

    Score
    10/10
    floxifbackdoordiscoverytrojanupxpersistenceprivilege_escalation

    • Floxif family

      floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

      backdoortrojanfloxif

    • Detects Floxif payload

      backdoor

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks