General
-
Target
2025-01-08_b84b7512f5ae1dabc127b33877a77ac1_floxif_mafia
-
Size
2.5MB
-
Sample
250108-s8bvwavlfy
-
MD5
b84b7512f5ae1dabc127b33877a77ac1
-
SHA1
9c3080bc2a766a7a29545627bf80f728f1a37444
-
SHA256
85416d482b7294eedc28db92705a618bbf45a9311e04ee77ab7dd57a44333973
-
SHA512
0826f6b42d1f36f9748ee90035d5d2ed0e778acf8017fc57f535fe047469b96bc91e484b62ccd980bf81690f0925c3c26570f54b3a4131dd11bda89f8c0dc029
-
SSDEEP
49152:OuIIKCofs2hPd2l177BTK2VbDsar1YDjY:OjDfs2hPIl1/j
Malware Config
Targets
-
-
Target
2025-01-08_b84b7512f5ae1dabc127b33877a77ac1_floxif_mafia
-
Size
2.5MB
-
MD5
b84b7512f5ae1dabc127b33877a77ac1
-
SHA1
9c3080bc2a766a7a29545627bf80f728f1a37444
-
SHA256
85416d482b7294eedc28db92705a618bbf45a9311e04ee77ab7dd57a44333973
-
SHA512
0826f6b42d1f36f9748ee90035d5d2ed0e778acf8017fc57f535fe047469b96bc91e484b62ccd980bf81690f0925c3c26570f54b3a4131dd11bda89f8c0dc029
-
SSDEEP
49152:OuIIKCofs2hPd2l177BTK2VbDsar1YDjY:OjDfs2hPIl1/j
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-