General
-
Target
1607460946_Loade.exe
-
Size
140KB
-
Sample
210122-r1d2zp4t5n
-
MD5
7bf6de1dc69718455fb90e9a30a9183d
-
SHA1
3a7f90978908d56d2b689aede98572581442cb19
-
SHA256
8ca67e40d0d3826efc58feb163760f994eae52731f74c2a3d0d45148a2996bb2
-
SHA512
78d208eb831789a85d3a5920560fa7c7fe1385491830dbc1e6caac35bb7cba66692cdc1d6b9c06f12a80767e1fa78cb56f011ab9e982839976757fd6cc08ccd9
Malware Config
Targets
-
-
Target
1607460946_Loade.exe
-
Size
140KB
-
MD5
7bf6de1dc69718455fb90e9a30a9183d
-
SHA1
3a7f90978908d56d2b689aede98572581442cb19
-
SHA256
8ca67e40d0d3826efc58feb163760f994eae52731f74c2a3d0d45148a2996bb2
-
SHA512
78d208eb831789a85d3a5920560fa7c7fe1385491830dbc1e6caac35bb7cba66692cdc1d6b9c06f12a80767e1fa78cb56f011ab9e982839976757fd6cc08ccd9
Score10/10-
DiamondFox
DiamondFox is a multipurpose botnet with many capabilities.
-
DiamondFox payload
Detects DiamondFox payload in file/memory.
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-