Overview

overview

10

Static

static

54cc0861c0...02.exe

windows7_x64

10

54cc0861c0...02.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5960499468599296.zip

  • Size

    153KB

  • Sample

    210805-z48ejgq22a

  • MD5

    982e3585f291c5b8a16211697141d012

  • SHA1

    3d1d2541e62d09c2d836b5d00bc56b2685a51841

  • SHA256

    7f60e7e84d3c41ba78df6718bf8b3e41af626956e56f9e98ca5a370f6ef7f53c

  • SHA512

    d50014e18e92923bfd50947ae3e466a39111c90ca12d0c0cbaa4ce68c4e34095994dd7282bd4f92aab0fb4d243e589db276cebfd365d2719bbd1bf7158622ca6

Score
10/10
diamondfoxbotnetstealer

Malware Config

Targets

    • Target

      54cc0861c094317e4aafa4508e389e626588e1a1b6455deb445c5816ed7c2d02

    • Size

      1.5MB

    • MD5

      d04da71fa3ec4f986aebf533c7f500cd

    • SHA1

      351792c9d94e6fefc9ba91a12d1a220eb28eb7b7

    • SHA256

      54cc0861c094317e4aafa4508e389e626588e1a1b6455deb445c5816ed7c2d02

    • SHA512

      713ca22d97673fc30b3d164375cf5d5629b7d6d680d82b8cb552c65592eb619735fc1ce8e5c92a93112d49baf37a24aed244f4bd721de8177d5fba12cec36840

    Score
    10/10
    diamondfoxbotnetstealer

    • DiamondFox

      DiamondFox is a multipurpose botnet with many capabilities.

      botnetstealerdiamondfox

    • DiamondFox payload

      Detects DiamondFox payload in file/memory.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks