General

  • Target

    63426b748160cff2c0a541eb2c06b2d81497a84d20351fca212c13e9779af8af

  • Size

    272KB

  • Sample

    250202-j338hasrcv

  • MD5

    5d413c46e6be13803b3ad0a07a550a6c

  • SHA1

    385cf6ccc1d89c5c105121f585ab6764019a1afb

  • SHA256

    63426b748160cff2c0a541eb2c06b2d81497a84d20351fca212c13e9779af8af

  • SHA512

    a2d71a3a8987174439a45304c9a24e749dd4531fd9396a656eaa52e19c8342341d1f44ce116584d050e0fb5ed9c7646b87ce769efbf0cec2798bc9f14fdd8822

  • SSDEEP

    6144:n6fr8JmUhbNIj7kHr8CQXBV+UdvrEFp7hKs:n6D8LnikL8CQXBjvrEH77

Malware Config

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks