General
-
Target
7a1833f7b91269b9f0eb48f9bba3db9cc444f749d82255322e1f8e221612895f
-
Size
18KB
-
Sample
221026-2d36bahedp
-
MD5
8f77d92060389f5733905710714556ce
-
SHA1
f817bbd59241f5dd732259784c2fabff78d1dfde
-
SHA256
7a1833f7b91269b9f0eb48f9bba3db9cc444f749d82255322e1f8e221612895f
-
SHA512
313e5b16ac7d556a74d19b2610f5e811694c1a660a460604afe5272f416fb1f7f2d04cea173dc9f2ce392e42101225fa0850f03ceaf46616d52347c96097468a
-
SSDEEP
384:NJE1O9JBp+U2CYf00mrtWivKSmSggQmUWgVhkXHQ1:NFI0/XvdJUVhgH
Malware Config
Targets
-
-
Target
7a1833f7b91269b9f0eb48f9bba3db9cc444f749d82255322e1f8e221612895f
-
Size
18KB
-
MD5
8f77d92060389f5733905710714556ce
-
SHA1
f817bbd59241f5dd732259784c2fabff78d1dfde
-
SHA256
7a1833f7b91269b9f0eb48f9bba3db9cc444f749d82255322e1f8e221612895f
-
SHA512
313e5b16ac7d556a74d19b2610f5e811694c1a660a460604afe5272f416fb1f7f2d04cea173dc9f2ce392e42101225fa0850f03ceaf46616d52347c96097468a
-
SSDEEP
384:NJE1O9JBp+U2CYf00mrtWivKSmSggQmUWgVhkXHQ1:NFI0/XvdJUVhgH
Score10/10-
DiamondFox
DiamondFox is a multipurpose botnet with many capabilities.
-
UAC bypass
-
Windows security bypass
-
Executes dropped EXE
-
Deletes itself
-
Drops startup file
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-
Checks whether UAC is enabled
-