General
-
Target
2025-04-24_e8e1884d13ead2398a71206c9c1cacac_amadey_black-basta_cobalt-strike_elex_floxif_hijackloader_luca-stealer_metamorfo_smoke-loader
-
Size
378KB
-
Sample
250424-pxmw8az1hy
-
MD5
e8e1884d13ead2398a71206c9c1cacac
-
SHA1
9e9b42586b1496e8f4209b7da231c49f8fc3f093
-
SHA256
538824c379d4df69f77e719b00ff4978283736a8d5ad2a4926a7bd978ba562f8
-
SHA512
1d72637823959808322ef40f6a0920d7dad2de35b7806889612d4a2aa5385d55c055ad0969c040c72d52e7616e537ddd5d20275dfeff882c4276eb8f83d3b5b5
-
SSDEEP
6144:YDZ2PxZD6LFSqC7T1GCfgiAPj6SCAOJOTIwc4qQx+DeZAVy6NBV+UdvrEFp7hKC:YDZQZX7T1GCfgPCzOTIwpx+De6Vy6NBE
Malware Config
Targets
-
-
Target
2025-04-24_e8e1884d13ead2398a71206c9c1cacac_amadey_black-basta_cobalt-strike_elex_floxif_hijackloader_luca-stealer_metamorfo_smoke-loader
-
Size
378KB
-
MD5
e8e1884d13ead2398a71206c9c1cacac
-
SHA1
9e9b42586b1496e8f4209b7da231c49f8fc3f093
-
SHA256
538824c379d4df69f77e719b00ff4978283736a8d5ad2a4926a7bd978ba562f8
-
SHA512
1d72637823959808322ef40f6a0920d7dad2de35b7806889612d4a2aa5385d55c055ad0969c040c72d52e7616e537ddd5d20275dfeff882c4276eb8f83d3b5b5
-
SSDEEP
6144:YDZ2PxZD6LFSqC7T1GCfgiAPj6SCAOJOTIwc4qQx+DeZAVy6NBV+UdvrEFp7hKC:YDZQZX7T1GCfgPCzOTIwpx+De6Vy6NBE
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-