General
-
Target
2025-02-01_7f470997398c7909e9153af12cf8d243_floxif_mafia
-
Size
1.8MB
-
Sample
250201-pmmhpstqbl
-
MD5
7f470997398c7909e9153af12cf8d243
-
SHA1
be6177c76f222e766f5420d717a7ad84efe488fc
-
SHA256
dbe9dc26fda320b159b745c57da2dc0056e3612aaccfb5a445742efb305bbdc5
-
SHA512
22e86cdeb3b9bdbae8bd6a32231ca196f64073f871644c7f962323b590ee5c66dabc9ea606efc8234e5de773df8891d3edd4c00072cf355d6820f73395a17a94
-
SSDEEP
49152:W5Zp6SIguuMR5+s5fvDwpPtwHvehhFKT8oBaqBeqyZSERu9WN:W5qSfuuGv0pPWehhFMBpBeq0z
Static task
static1
Behavioral task
behavioral1
Sample
2025-02-01_7f470997398c7909e9153af12cf8d243_floxif_mafia.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2025-02-01_7f470997398c7909e9153af12cf8d243_floxif_mafia.exe
Resource
win10v2004-20250129-en
Malware Config
Targets
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-