diamondfox | f771b277221c7b1f569e44b18537b50f406f236412f57e04a9a5cc54f072e519 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

DRAFT HBL ...SO.scr

windows7_x64

DRAFT HBL ...SO.scr

windows10_x64

Sharing

General

Target

DRAFT HBL 2007106 林瑞 TO NEW DELHI SO NO. 7383 CLOSING 07-20 正在寄送電子郵件林瑞-1090715-7383-SO.scr
Size

573KB
Sample

200716-fsa1t7nb5j
MD5

72bb8e802c14c18dc8822db3b15d6e38
SHA1

ca47292b04a271bc7dbb09cf8bb966eaa478783d
SHA256

f771b277221c7b1f569e44b18537b50f406f236412f57e04a9a5cc54f072e519
SHA512

f623bdad2e2a259bc4ddc2ba35b7f81c3380e39bcdfdc86506ce22ca717cd223904c30bd48a400319c3e6197bf885fefc1503967b9815e7d734de2d96220332c

Score

10^/10

diamondfox botnet stealer

Static task

static1

Behavioral task

behavioral1

Sample

DRAFT HBL 2007106 林瑞 TO NEW DELHI SO NO. 7383 CLOSING 07-20 正在寄送電子郵件林瑞-1090715-7383-SO.scr

Resource

win7

diamondfox botnet stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DRAFT HBL 2007106 林瑞 TO NEW DELHI SO NO. 7383 CLOSING 07-20 正在寄送電子郵件林瑞-1090715-7383-SO.scr

Resource

win10v200430

diamondfox botnet stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  DRAFT HBL 2007106 林瑞 TO NEW DELHI SO NO. 7383 CLOSING 07-20 正在寄送電子郵件林瑞-1090715-7383-SO.scr
- Size
  
  573KB
- MD5
  
  72bb8e802c14c18dc8822db3b15d6e38
- SHA1
  
  ca47292b04a271bc7dbb09cf8bb966eaa478783d
- SHA256
  
  f771b277221c7b1f569e44b18537b50f406f236412f57e04a9a5cc54f072e519
- SHA512
  
  f623bdad2e2a259bc4ddc2ba35b7f81c3380e39bcdfdc86506ce22ca717cd223904c30bd48a400319c3e6197bf885fefc1503967b9815e7d734de2d96220332c
Score

10^/10

diamondfox botnet stealer
- DiamondFox
  DiamondFox is a multipurpose botnet with many capabilities.
  botnet stealer diamondfox
- DiamondFox payload
  Detects DiamondFox payload in file/memory.
- ServiceHost packer
  Detects ServiceHost packer used for .NET malware
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

diamondfoxbotnetstealer

behavioral2

diamondfoxbotnetstealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.