General
-
Target
2025-03-03_f668b77bbcd9cb3a33f579682379ad9b_floxif_hijackloader_mafia
-
Size
2.7MB
-
Sample
250303-ry56aszrv4
-
MD5
f668b77bbcd9cb3a33f579682379ad9b
-
SHA1
96c08e5edee6025bf79c99c0564b99ab50ec086c
-
SHA256
370c2672715b6b2ed5f241be1c5deb064fe266f21e26bbf9d2924c861d2d6ce7
-
SHA512
cc8f5654826d43b41a2d9973e8b315eb781a367461c9050e6ee591047c2eab363994b37543a33b39ad08935e1cd49a1bc4d0a0d113f3d65672b0745f9a30534d
-
SSDEEP
49152:zPE6vXDUOYQMqclLy0wsXuhXabboP4ACQDAknmCKlzI8ndvyw+AZ/WY4N2WwW/K2:LFvXfMFLySXuhXa/oP4ACYAknmCOIsyx
Static task
static1
Behavioral task
behavioral1
Sample
2025-03-03_f668b77bbcd9cb3a33f579682379ad9b_floxif_hijackloader_mafia.exe
Resource
win7-20250207-en
Behavioral task
behavioral2
Sample
2025-03-03_f668b77bbcd9cb3a33f579682379ad9b_floxif_hijackloader_mafia.exe
Resource
win10v2004-20250217-en
Malware Config
Targets
-
-
Target
2025-03-03_f668b77bbcd9cb3a33f579682379ad9b_floxif_hijackloader_mafia
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-