General
-
Target
2025-01-10_f5a5efeda219465e90ecf3a09119234d_floxif_icedid
-
Size
2.6MB
-
Sample
250110-ct188aymhx
-
MD5
f5a5efeda219465e90ecf3a09119234d
-
SHA1
aec715847551f15ca7175265e3bac2edb1a1bec7
-
SHA256
7d30bbae982914c832a23c54d0836a22e9513beef002f758c2ed46228b005964
-
SHA512
f8f9adf0072d6f54b4d016d85b400c7b413bfc339bae210f70955edcd063d0d13d87d391bd58fcbc3e6149ff18df3d95c3ccb126668a34d180f00ba83bae1b19
-
SSDEEP
24576:RpqzhKwykVFLvty85U+PzY0Ff5lAVElV7mTYSlLGaqlzd6PSdTjo8ufJa/zfzkjE:RpAhDFy+zWOgLvqlzgQTWfJa/jzkjky6
Static task
static1
Behavioral task
behavioral1
Sample
2025-01-10_f5a5efeda219465e90ecf3a09119234d_floxif_icedid.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Target
2025-01-10_f5a5efeda219465e90ecf3a09119234d_floxif_icedid
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-