General

  • Target

    2025-01-30_e0f21ff0785266b2a97387a6a215d702_bkransomware_floxif

  • Size

    3.4MB

  • Sample

    250130-c6sslswnav

  • MD5

    e0f21ff0785266b2a97387a6a215d702

  • SHA1

    fea5d73c59047f7163f0f8ec144b36c39fafb64e

  • SHA256

    f0d5c7438682a8c57a9863c274bfafd5396ec458e6654daf465bac6c56219204

  • SHA512

    7d9c725799887baba49f74251ee205c3014d94488166c012161ca45d9852cc7b5e2f9f417a08f3d7727b35585ea7176b6e59b7a335862b338123b088c4db7b94

  • SSDEEP

    98304:T8n/l3KWOxDpha6HR4X9wB7D4aJFFLOAkGkzdnEVomFHKnPwO:Teuc9wB7UaPFLOyomFHKnPH

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
