floxif | ad0f938f6333086809d2d11239a980e9a76296ea8aceb039f8c677e25534526b | Triage

Submit
Reports

Overview

overview

Static

static

1

ad0f938f63...6b.exe

windows7-x64

ad0f938f63...6b.exe

windows10-2004-x64

3

Sharing

General

Target

ad0f938f6333086809d2d11239a980e9a76296ea8aceb039f8c677e25534526b
Size

277KB
Sample

250203-gfgpwatpak
MD5

3891a60b71226fb3c7782eed5553bf26
SHA1

586df9e4bc944d2dd3b3ee55c9f6dfba3de523e5
SHA256

ad0f938f6333086809d2d11239a980e9a76296ea8aceb039f8c677e25534526b
SHA512

dda0b3f95b2c6dc5cfa17b24c37f947ca222dd68f98f4ad7e971d0f24f96a3aed841183482abd3c4eeadce34878be61aecf5089123dd01ab186b671894d91251
SSDEEP

3072:aHrfzY6c6X/YFW4l/DReos0gpdWdMuIB+NSzx602h9dXawrlvHcSktE5hcRQjpaU:AA3l/DRfkp6MnB++CuBV+UdvrEFp7hK6

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

ad0f938f6333086809d2d11239a980e9a76296ea8aceb039f8c677e25534526b.exe

Resource

win7-20240903-en

floxif backdoor discovery trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad0f938f6333086809d2d11239a980e9a76296ea8aceb039f8c677e25534526b.exe

Resource

win10v2004-20250129-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  ad0f938f6333086809d2d11239a980e9a76296ea8aceb039f8c677e25534526b
- Size
  
  277KB
- MD5
  
  3891a60b71226fb3c7782eed5553bf26
- SHA1
  
  586df9e4bc944d2dd3b3ee55c9f6dfba3de523e5
- SHA256
  
  ad0f938f6333086809d2d11239a980e9a76296ea8aceb039f8c677e25534526b
- SHA512
  
  dda0b3f95b2c6dc5cfa17b24c37f947ca222dd68f98f4ad7e971d0f24f96a3aed841183482abd3c4eeadce34878be61aecf5089123dd01ab186b671894d91251
- SSDEEP
  
  3072:aHrfzY6c6X/YFW4l/DReos0gpdWdMuIB+NSzx602h9dXawrlvHcSktE5hcRQjpaU:AA3l/DRfkp6MnB++CuBV+UdvrEFp7hK6
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

© 2018-2025

Terms | Privacy