Overview

overview

10

Static

static

b526619f97...in.exe

windows7_x64

10

b526619f97...in.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b526619f97cfcfb709fb1684d01e82b6511bb9e2eab52570f39b7498dccbedf4.bin

  • Size

    190KB

  • Sample

    210406-2tymz2qfce

  • MD5

    2bc219ed6654653e817a2960ac924a7e

  • SHA1

    c547d9c8ea50473b72c0b85672cf32ca5e9558b8

  • SHA256

    b526619f97cfcfb709fb1684d01e82b6511bb9e2eab52570f39b7498dccbedf4

  • SHA512

    6edebb8ed8bae2f50b64f903b52f82385daca9a9f1b2e87b57deabe3e8da593f9aed1903c86fe8fc443e86f7645428f89a38e78e9e1d26da6d8af05594ed2752

Score
10/10
diamondfoxbotnetstealer

Malware Config

Targets

    • Target

      b526619f97cfcfb709fb1684d01e82b6511bb9e2eab52570f39b7498dccbedf4.bin

    • Size

      190KB

    • MD5

      2bc219ed6654653e817a2960ac924a7e

    • SHA1

      c547d9c8ea50473b72c0b85672cf32ca5e9558b8

    • SHA256

      b526619f97cfcfb709fb1684d01e82b6511bb9e2eab52570f39b7498dccbedf4

    • SHA512

      6edebb8ed8bae2f50b64f903b52f82385daca9a9f1b2e87b57deabe3e8da593f9aed1903c86fe8fc443e86f7645428f89a38e78e9e1d26da6d8af05594ed2752

    Score
    10/10
    diamondfoxbotnetstealer

    • DiamondFox

      DiamondFox is a multipurpose botnet with many capabilities.

      botnetstealerdiamondfox

    • DiamondFox payload

      Detects DiamondFox payload in file/memory.

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks