General

  • Target

    2025-04-03_eb4b6f92e4efe5f392c447c58bc5cd4e_amadey_floxif_smoke-loader

  • Size

    1.5MB

  • Sample

    250403-wrvs7stqt4

  • MD5

    eb4b6f92e4efe5f392c447c58bc5cd4e

  • SHA1

    639622cb17a360fc99081050ba604a078edd6c07

  • SHA256

    04d209e3abebc2ec4406b72c98834ba3cccbdf0276cf32f358df07522e213dce

  • SHA512

    0d15cecc9523f3eeec1fbe462744db534b5cd411ef10c90d4388e64f41149f24dfe48bd244cf7dc711561f9c64e6cdfca27118fddcf7267775fd7ae8f1e8238a

  • SSDEEP

    24576:DvtSzJ6v1ynnXyJDetxtYjfscemhn4zN3YCPP/ESqWWiF4z8Ea/rEH7n:giJDW2URmNgN3v3/EtiQ8U

Targets

    • Target

      2025-04-03_eb4b6f92e4efe5f392c447c58bc5cd4e_amadey_floxif_smoke-loader

    • Floxif family

    • Floxif, Floodfix

      Floxif, also known as FloodFix, is a file-infecting trojan and backdoor written in C++; it patches other executables on disk to spread.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer/protector (versions 1.3x to 1.4x).

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX, or with a modified build of the open-source UPX packer.

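The UPX signature above fires both on files packed with stock UPX and on files packed with a patched build that renames the UPX0/UPX1 sections and strips the packer magic. The script below is an added example, not the sandbox's signature logic and not code from the sample: a dependency-free Python check that parses the PE section table and applies two heuristics, the stock section names / the UPX! magic for unmodified UPX, and, for renamed builds, the layout UPX leaves behind (an empty first section with a large virtual size, the unpack destination, followed by a high-entropy payload section). The three PE images it runs on are constructed inside the script; the 7.0 entropy threshold and the 0x1000 virtual-size floor are assumptions of this example, not values from the report.

```python
import math
import struct
from collections import Counter

# Section names written by stock UPX builds; patched "modified UPX" builds
# usually rename these, which is why the layout heuristic below exists.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX3"}
UPX_MAGIC = b"UPX!"  # packer info-header magic left in the file by stock UPX


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 8.0 is uniform; packed or encrypted data sits above ~7.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_sections(pe: bytes):
    """Walk the PE section table; returns (name, virtual_size, raw_ptr, raw_size)."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    size_opt = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + size_opt
    sections = []
    for i in range(num_sections):
        off = table + i * 40
        name = pe[off:off + 8].rstrip(b"\0")
        vsize, _va, raw_size, raw_ptr = struct.unpack_from("<IIII", pe, off + 8)
        sections.append((name, vsize, raw_ptr, raw_size))
    return sections


def classify_packer(pe: bytes) -> dict:
    """Stock UPX is caught by names/magic; a renamed build by the layout it leaves behind."""
    sections = parse_sections(pe)
    hits = [s[0].decode() for s in sections if s[0] in UPX_SECTION_NAMES]
    magic = UPX_MAGIC in pe
    entropies = {s[0].decode(): round(shannon_entropy(pe[s[2]:s[2] + s[3]]), 2) for s in sections}
    high = [n for n, e in entropies.items() if e > 7.0]  # assumed threshold
    # UPX layout: first section has no raw data but a large virtual size (the
    # unpack destination), followed by a high-entropy section holding the payload.
    empty_first = bool(sections) and sections[0][3] == 0 and sections[0][1] >= 0x1000
    if hits or magic:
        verdict = "upx"
    elif empty_first and high:
        verdict = "packed (UPX-like layout, names stripped)"
    else:
        verdict = "no packer indicators"
    return {"verdict": verdict, "upx_names": hits, "upx_magic": magic, "entropy": entropies}


def build_pe(sections) -> bytes:
    """Constructed minimal PE32 image for this demo; not a real sample."""
    e_lfanew, size_opt = 0x80, 0xE0
    headers = e_lfanew + 4 + 20 + size_opt + 40 * len(sections)
    headers = (headers + 0x1FF) & ~0x1FF  # FileAlignment 0x200
    dos = (b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, size_opt, 0x102)
    opt = struct.pack("<H", 0x10B).ljust(size_opt, b"\0")
    table, body, raw_ptr, va = b"", b"", headers, 0x1000
    for name, data, vsize in sections:
        table += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", vsize, va, len(data), raw_ptr if data else 0, 0, 0, 0, 0, 0xE0000020)
        body += data
        raw_ptr += len(data)
        va += max(vsize, 0x1000)
    return (dos + b"PE\0\0" + coff + opt + table).ljust(headers, b"\0") + body


# Constructed inputs: every byte value equally often gives entropy exactly 8.0.
HIGH_ENTROPY = bytes(range(256)) * 16
STOCK_UPX = build_pe([(b"UPX0", b"", 0x10000),
                      (b"UPX1", UPX_MAGIC + HIGH_ENTROPY, 0x2000),
                      (b".rsrc", b"\0" * 512, 0x200)])
RENAMED_UPX = build_pe([(b".text", b"", 0x10000),
                        (b".data", HIGH_ENTROPY, 0x2000),
                        (b".rsrc", b"\0" * 512, 0x200)])
PLAIN = build_pe([(b".text", bytes([0x55, 0x8B, 0xEC, 0x5D, 0xC3]) * 200, 0x400),
                  (b".data", b"\0" * 512, 0x200)])

if __name__ == "__main__":
    for label, image in (("stock UPX", STOCK_UPX), ("renamed UPX", RENAMED_UPX), ("plain", PLAIN)):
        print(label, classify_packer(image))
```

On a real sample, feed the file bytes to classify_packer; the entropy dictionary is the part worth keeping in triage notes, since a renamed packer leaves the section names looking ordinary while the payload section stays near 8 bits per byte.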
MITRE ATT&CK Enterprise v15