General

  • Target

    c103f7f4bd09c42a4f938fc484fcec234c23a9fdb5069f575a279fae9b03614a

  • Size

    277KB

  • Sample

    250330-h62neavnz4

  • MD5

    1827052de33083e48266d1100a70f1bd

  • SHA1

    8228114be85e463b53819c57cf1c3c6926d94ba9

  • SHA256

    c103f7f4bd09c42a4f938fc484fcec234c23a9fdb5069f575a279fae9b03614a

  • SHA512

    d4e81d2d9d53e97df746fa243195ae4a5ade71e1e986f1ec2936ac0fcc3adae6811e851d2f74416f6387b67d0fd4a0c21f16dcd04a72bf02f9eea5fc9dd42801

  • SSDEEP

    6144:DrDAFl/DRfkTC3dM7B+mCivBV+UdvrEFp7hK/U:DrDAFlbRfky6B+mCABjvrEH7QU

Malware Config

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects files using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks