General
-
Target
2025-03-30_4311b410628d58ddd37451c79cb701f2_black-basta_cobalt-strike_floxif_luca-stealer
-
Size
212KB
-
Sample
250330-jhwypatsa1
-
MD5
4311b410628d58ddd37451c79cb701f2
-
SHA1
0c55feb995d09a1e0e79dbceae1f66f75a936463
-
SHA256
a7afa57520cef85f4bf790bc3c3745ff45ad52092253925a39a3e0c13472c8d5
-
SHA512
f738ccdcdd10f72c3c9ae6c90b680180679311d46a7a3368126d0f304787588c628e4862a92f945df9149abd7fbf5856ea5adbdba4f4732bedcf5c67f4a0605b
-
SSDEEP
6144:cBWTaxvzCxEdOzksQpfg2LBV+UdvrEFp7hK2x:cBWTaxZ9sOg2LBjvrEH7/
Malware Config
Targets
-
-
Target
2025-03-30_4311b410628d58ddd37451c79cb701f2_black-basta_cobalt-strike_floxif_luca-stealer
-
Size
212KB
-
MD5
4311b410628d58ddd37451c79cb701f2
-
SHA1
0c55feb995d09a1e0e79dbceae1f66f75a936463
-
SHA256
a7afa57520cef85f4bf790bc3c3745ff45ad52092253925a39a3e0c13472c8d5
-
SHA512
f738ccdcdd10f72c3c9ae6c90b680180679311d46a7a3368126d0f304787588c628e4862a92f945df9149abd7fbf5856ea5adbdba4f4732bedcf5c67f4a0605b
-
SSDEEP
6144:cBWTaxvzCxEdOzksQpfg2LBV+UdvrEFp7hK2x:cBWTaxZ9sOg2LBjvrEH7/
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-