floxif | 29049e4054a1f629c792b559e2efa926ffc674485e13c993a7a61c6a406d0a71 | Triage

Submit
Reports

Overview

overview

Static

static

1

2025-01-11...id.exe

windows7-x64

2025-01-11...id.exe

windows10-2004-x64

Sharing

General

Target

2025-01-11_f348a286f65b7cba33fabe2a66f9c5b7_floxif_hijackloader_icedid
Size

3.2MB
Sample

250111-ca9q9azrel
MD5

f348a286f65b7cba33fabe2a66f9c5b7
SHA1

9ff61a9636931bad0045d8dfd36d39be343c6dba
SHA256

29049e4054a1f629c792b559e2efa926ffc674485e13c993a7a61c6a406d0a71
SHA512

4c2c040b094cbd03dc2f8bd1ceb2df04fcc56f376a5165f1d1ea8599634a17a8ee9761f8de4acbb140e8119a2fe66dad80453a6e9dd2f74a4b5f4a5a8d746819
SSDEEP

49152:2KT5razB15YsBNMqxs9j7GvQDf536Ubmezbj2PSWMNXoRnbt3NPBtpCW1zMt:2KMHXADyPSWMNXoRPBtMW2t

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

2025-01-11_f348a286f65b7cba33fabe2a66f9c5b7_floxif_hijackloader_icedid.exe

Resource

win7-20240903-en

floxif backdoor discovery trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-01-11_f348a286f65b7cba33fabe2a66f9c5b7_floxif_hijackloader_icedid.exe

Resource

win10v2004-20241007-en

floxif backdoor discovery trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-01-11_f348a286f65b7cba33fabe2a66f9c5b7_floxif_hijackloader_icedid
- Size
  
  3.2MB
- MD5
  
  f348a286f65b7cba33fabe2a66f9c5b7
- SHA1
  
  9ff61a9636931bad0045d8dfd36d39be343c6dba
- SHA256
  
  29049e4054a1f629c792b559e2efa926ffc674485e13c993a7a61c6a406d0a71
- SHA512
  
  4c2c040b094cbd03dc2f8bd1ceb2df04fcc56f376a5165f1d1ea8599634a17a8ee9761f8de4acbb140e8119a2fe66dad80453a6e9dd2f74a4b5f4a5a8d746819
- SSDEEP
  
  49152:2KT5razB15YsBNMqxs9j7GvQDf536Ubmezbj2PSWMNXoRnbt3NPBtpCW1zMt:2KMHXADyPSWMNXoRPBtMW2t
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

floxifbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy