Overview

overview

10

Static

static

7b2944122a...60.exe

windows7_x64

10

7b2944122a...60.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7b2944122a7d202bf76e409529d9e05d2caf327372715b2361fbc6ec7c2ac660

  • Size

    154KB

  • Sample

    210303-qzpe4z6xyn

  • MD5

    97f7bbf2f5861692617d661758bcf35b

  • SHA1

    d59a0e3d77e22523a2fb657f756adebc32452ee0

  • SHA256

    7b2944122a7d202bf76e409529d9e05d2caf327372715b2361fbc6ec7c2ac660

  • SHA512

    eb8a846c2c16c3f405bf554ae715e915df680af0fd2901f427679a1cc5910ce5d2cb8e72c66ad2a6720093fde5c6156833aaa02655e5fd25a3e1b002251c7767

Score
10/10
diamondfoxbotnetstealer

Malware Config

Targets

    • Target

      7b2944122a7d202bf76e409529d9e05d2caf327372715b2361fbc6ec7c2ac660

    • Size

      154KB

    • MD5

      97f7bbf2f5861692617d661758bcf35b

    • SHA1

      d59a0e3d77e22523a2fb657f756adebc32452ee0

    • SHA256

      7b2944122a7d202bf76e409529d9e05d2caf327372715b2361fbc6ec7c2ac660

    • SHA512

      eb8a846c2c16c3f405bf554ae715e915df680af0fd2901f427679a1cc5910ce5d2cb8e72c66ad2a6720093fde5c6156833aaa02655e5fd25a3e1b002251c7767

    Score
    10/10
    diamondfoxbotnetstealer

    • DiamondFox

      DiamondFox is a multipurpose botnet with many capabilities.

      botnetstealerdiamondfox

    • DiamondFox payload

      Detects DiamondFox payload in file/memory.

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks