floxif | 89b8cb1ec13fe3ec7f165fd438a2696105189822da38304d1bb9d873097fad62 | Triage

Submit
Reports

Overview

overview

Static

static

1

89b8cb1ec1...62.exe

windows7-x64

89b8cb1ec1...62.exe

windows10-2004-x64

Sharing

General

Target

89b8cb1ec13fe3ec7f165fd438a2696105189822da38304d1bb9d873097fad62
Size

407KB
Sample

250119-e5j57awpfq
MD5

469331d6c48cd5f25fd98ec753227bd1
SHA1

9e2f7bd84442b3df63b91b9cebdde1c248c10323
SHA256

89b8cb1ec13fe3ec7f165fd438a2696105189822da38304d1bb9d873097fad62
SHA512

8a85b3cf93d409d4806e608184d2a836df0468d2a19960dd3bf8b21fff8a5d634d8f073cd9a45bb37ba74f99ae29a18d228104c14caa795ec030770294e1c34d
SSDEEP

6144:L+5wI8Ec3nSt6BtdIZ2I1fyU265BgpfmPoaQoBnDuiMi8EPLBV+UdvrEFp7hK0Z:LywVB/IZ2WH2/lcZmEPLBjvrEH7zZ

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

89b8cb1ec13fe3ec7f165fd438a2696105189822da38304d1bb9d873097fad62.exe

Resource

win7-20240903-en

floxif backdoor discovery trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

89b8cb1ec13fe3ec7f165fd438a2696105189822da38304d1bb9d873097fad62.exe

Resource

win10v2004-20241007-en

floxif backdoor discovery trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  89b8cb1ec13fe3ec7f165fd438a2696105189822da38304d1bb9d873097fad62
- Size
  
  407KB
- MD5
  
  469331d6c48cd5f25fd98ec753227bd1
- SHA1
  
  9e2f7bd84442b3df63b91b9cebdde1c248c10323
- SHA256
  
  89b8cb1ec13fe3ec7f165fd438a2696105189822da38304d1bb9d873097fad62
- SHA512
  
  8a85b3cf93d409d4806e608184d2a836df0468d2a19960dd3bf8b21fff8a5d634d8f073cd9a45bb37ba74f99ae29a18d228104c14caa795ec030770294e1c34d
- SSDEEP
  
  6144:L+5wI8Ec3nSt6BtdIZ2I1fyU265BgpfmPoaQoBnDuiMi8EPLBV+UdvrEFp7hK0Z:LywVB/IZ2WH2/lcZmEPLBjvrEH7zZ
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

floxifbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy