General

  • Target

    2025-02-06_fd4ca04d1ce305eed73c2887b55dc358_floxif_mafia

  • Size

    1.0MB

  • Sample

    250206-ltngss1met

  • MD5

    fd4ca04d1ce305eed73c2887b55dc358

  • SHA1

    333e163124154e5cce1a7a27f2437477c0baf82d

  • SHA256

    c04638132d2ccaee3a97889c9b949b0abd8eb1a16deaf7a84f6beded11713eb5

  • SHA512

    05bb755f08c4c76886a4ee2f02e8da8f25ce176c686c52ef7686d87f68bf459ebf9b8535ffbba15647490e219e743d6e8160be89917926215d1d8c0f1fda5d97

  • SSDEEP

    24576:ANpZ2S2PdaGsSjFaPKmB9A99JvcUgrEH7M:k72CNmFaCmBejJFs

Targets

    • Target

      2025-02-06_fd4ca04d1ce305eed73c2887b55dc358_floxif_mafia

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.