floxif | 886f80cc1fe6a75b998ea19efe5df4599ea75c00017fa3118b3bef37c2a7e56c

General

Target

886f80cc1fe6a75b998ea19efe5df4599ea75c00017fa3118b3bef37c2a7e56c
Size

234KB
Sample

250209-hn6jmszncq
MD5

95115fc6aabd27246ca8d13fa7a6b2b6
SHA1

697c73b8c8173a326e5d170035295aab6c434704
SHA256

886f80cc1fe6a75b998ea19efe5df4599ea75c00017fa3118b3bef37c2a7e56c
SHA512

1898cb75ca3886beb49bf18fa166a5ad1c2e08fe1c1b52fb5cba62331e26e159119c7391f8c3c38454fbfb72a55f412b486616e801dae593ef23055df77a2b7e
SSDEEP

3072:uwzvOYTf5XmvT/DvbEvK9aobNI2B+flkL7OjUuxGftPyhdY55s2ZUuyNFhyzzZiA:bfpKh9H/B+/kBV+UdvrEFp7hKj

Score

10^/10

Malware Config

Targets

- Target
  
  886f80cc1fe6a75b998ea19efe5df4599ea75c00017fa3118b3bef37c2a7e56c
- Size
  
  234KB
- MD5
  
  95115fc6aabd27246ca8d13fa7a6b2b6
- SHA1
  
  697c73b8c8173a326e5d170035295aab6c434704
- SHA256
  
  886f80cc1fe6a75b998ea19efe5df4599ea75c00017fa3118b3bef37c2a7e56c
- SHA512
  
  1898cb75ca3886beb49bf18fa166a5ad1c2e08fe1c1b52fb5cba62331e26e159119c7391f8c3c38454fbfb72a55f412b486616e801dae593ef23055df77a2b7e
- SSDEEP
  
  3072:uwzvOYTf5XmvT/DvbEvK9aobNI2B+flkL7OjUuxGftPyhdY55s2ZUuyNFhyzzZiA:bfpKh9H/B+/kBV+UdvrEFp7hKj
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- Downloads MZ/PE file
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

System Network Configuration Discovery

1

T1016

Internet Connection Discovery

1

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

Downloads MZ/PE file

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2