floxif | 01af7efc78466cd0a52da95f5e9744f2c3d4384dabcf73b5258a593362eed6e7

General

Target

01af7efc78466cd0a52da95f5e9744f2c3d4384dabcf73b5258a593362eed6e7
Size

180KB
Sample

250207-xts8tstlgw
MD5

6e445700765d169ed228d4b1fa2775b1
SHA1

09a98fedc7038055a1a2d2359719ffe458b2d66c
SHA256

01af7efc78466cd0a52da95f5e9744f2c3d4384dabcf73b5258a593362eed6e7
SHA512

bec2dff0d4056bb8002e5318cd62850103e84b18cc5a497e6bef506ed97750e08c24d5dcf6137a83dcc2af15013bac902694810eacdd22207030555a9a79ccb9
SSDEEP

3072:HTcWUUZUq2mDgcRoF992lQBV+UdE+rECWp7hK0SyS:HTcPBqtD2hBV+UdvrEFp7hKZb

Score

10^/10

Malware Config

Targets

- Target
  
  01af7efc78466cd0a52da95f5e9744f2c3d4384dabcf73b5258a593362eed6e7
- Size
  
  180KB
- MD5
  
  6e445700765d169ed228d4b1fa2775b1
- SHA1
  
  09a98fedc7038055a1a2d2359719ffe458b2d66c
- SHA256
  
  01af7efc78466cd0a52da95f5e9744f2c3d4384dabcf73b5258a593362eed6e7
- SHA512
  
  bec2dff0d4056bb8002e5318cd62850103e84b18cc5a497e6bef506ed97750e08c24d5dcf6137a83dcc2af15013bac902694810eacdd22207030555a9a79ccb9
- SSDEEP
  
  3072:HTcWUUZUq2mDgcRoF992lQBV+UdE+rECWp7hK0SyS:HTcPBqtD2hBV+UdvrEFp7hKZb
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- Downloads MZ/PE file
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

System Network Configuration Discovery

1

T1016

Internet Connection Discovery

1

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

Downloads MZ/PE file

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2