General

  • Target

    2025-01-28_9c487396f1c70ab283e1bfd2571cd3fb_floxif_mafia

  • Size

    3.4MB

  • Sample

    250128-cfc98stpcl

  • MD5

    9c487396f1c70ab283e1bfd2571cd3fb

  • SHA1

    565214cc4283a1a8a7cbe031ca5bfb0c55de8582

  • SHA256

    d8577830b2418f8441f27b413c50645ff4f829d9e984df1bf86fe518779ea4d7

  • SHA512

    992afc06a34eddc6ed30fc80125a752f4e8ce316edecad358af7459c50ba5d5cb4f3dbe97432f2781efb2846edcc4a84e126c82e6f303417a37a8881c3e0dd64

  • SSDEEP

    98304:QL/KCxyNYosGAQEWGayy+tBH4U9+72usSA1CRQHcgD5O1:+/fkYPaQtbvusSA1CMO1

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
