General
-
Target
2025-01-28_7f3f836972830585056028bef169c382_floxif_mafia
-
Size
1.7MB
-
Sample
250128-ccdrlatjft
-
MD5
7f3f836972830585056028bef169c382
-
SHA1
584290384e4128fabfbf42a44c92433879a24b4f
-
SHA256
796f465d992bf532c7162bdaa31ddd470681bcb0735dfc437c3fced829e9446f
-
SHA512
76ae4d687433dfa77ec306d277abfc9c053a92483498320d5efc9033a1b924c7b9d66282c406dac9fb804cfe582d0b5b3e1d43160f454bc518a5e5a65f8e3b2e
-
SSDEEP
49152:dry/+d9KLFmndATsW32TFw3/9htahlYv2H5WA9w1pI1YTST9lYwQTn8gsc+:dnLKLFmqTsW32Tg/9Qls2H5WA9wDlAPb
Malware Config
Targets
-
-
Target
2025-01-28_7f3f836972830585056028bef169c382_floxif_mafia
-
Size
1.7MB
-
MD5
7f3f836972830585056028bef169c382
-
SHA1
584290384e4128fabfbf42a44c92433879a24b4f
-
SHA256
796f465d992bf532c7162bdaa31ddd470681bcb0735dfc437c3fced829e9446f
-
SHA512
76ae4d687433dfa77ec306d277abfc9c053a92483498320d5efc9033a1b924c7b9d66282c406dac9fb804cfe582d0b5b3e1d43160f454bc518a5e5a65f8e3b2e
-
SSDEEP
49152:dry/+d9KLFmndATsW32TFw3/9htahlYv2H5WA9w1pI1YTST9lYwQTn8gsc+:dnLKLFmqTsW32Tg/9Qls2H5WA9wDlAPb
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-