General

  • Target

    9a5565b8e591a7bda1d7a8824c67e37c36933e056fba84c5e454ebd90d1b248f.exe

  • Size

    459KB

  • Sample

    210529-l6dswr5xaj

  • MD5

    195eecffa8cb3f26eb11eb4aa379eaf6

  • SHA1

    88feb6f6d975581a680e07bd9f421167b6a852d1

  • SHA256

    9a5565b8e591a7bda1d7a8824c67e37c36933e056fba84c5e454ebd90d1b248f

  • SHA512

    03b41c14b68990bead4a75fa35682b7c48ee97fb31d05d2f678d59826b66ea3b1211fb7ee3bffb0ba9c2ffe514ee78503674db25a49726717c160f3bc3b21f8a

Malware Config

Targets

    • DiamondFox

      DiamondFox is a multipurpose botnet with many capabilities.

    • DiamondFox payload

      Detects DiamondFox payload in file/memory.

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks