diamondfox | 7065e6eec89b53663d4d4544faf89b95d45090d484c83a3615edee72c4b252ea | Triage

Submit
Reports

Overview

overview

Static

static

3

d4eda8c3a6...fc.exe

windows7-x64

d4eda8c3a6...fc.exe

windows10-2004-x64

Sharing

General

Target

d4eda8c3a64fb7ef7252d80f8eebcda30cc2bd2ca894970524f21b7064647afc.zip
Size

30KB
Sample

230829-chmlpacd6v
MD5

a40947b2b945ed1daf05620c20c9a9c3
SHA1

37215c17e8ec18ddea55f1cc5f5a34b01dd45ef4
SHA256

7065e6eec89b53663d4d4544faf89b95d45090d484c83a3615edee72c4b252ea
SHA512

177ae1910f09027a1cbd2ddb07f4728647211c24614cd11b82eaca3b2614cdc5b76371d770f250fd6eb9e12e74e4811c1b8f935ad9d80db717bcf3bd1150cc45
SSDEEP

768:eZJJ4zb4/zxnPXVyF2+b1BfMYZDTfMIxkDdEPbX3Jbmby:We4J+2k1BkYZDTrkDiD1Oy

Score

10^/10

diamondfox botnet infostealer stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d4eda8c3a64fb7ef7252d80f8eebcda30cc2bd2ca894970524f21b7064647afc.exe

Resource

win7-20230824-en

diamondfox botnet infostealer stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

d4eda8c3a64fb7ef7252d80f8eebcda30cc2bd2ca894970524f21b7064647afc.exe

Resource

win10v2004-20230703-en

diamondfox botnet infostealer stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  d4eda8c3a64fb7ef7252d80f8eebcda30cc2bd2ca894970524f21b7064647afc
- Size
  
  34KB
- MD5
  
  5eb3277e4b057015e82ecf8b7d4d201d
- SHA1
  
  25abcee80291edf1092d146bd233854ba7e205b7
- SHA256
  
  d4eda8c3a64fb7ef7252d80f8eebcda30cc2bd2ca894970524f21b7064647afc
- SHA512
  
  2600d4b469608071d84e481776147bac1bd1d0e9761b1c322d31c856941ce988b4cd08c44acdc3979d4b33f080957bfe287148dda09b3563e50d5f88bb31ae18
- SSDEEP
  
  768:MRr1TNaD5ksyOcwTLFSwMxECyDiJHjRv5AmGRIp+nbcuyD7UMI:arTaD5kEJ1SwjCyDiJTAmGRIp+nouy8L
Score

10^/10

diamondfox botnet infostealer stealer
- DiamondFox
  DiamondFox is a multipurpose botnet with many capabilities.
  botnet stealer diamondfox
- DiamondFox payload
  Detects DiamondFox payload in file/memory.
  infostealer
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

diamondfoxbotnetinfostealerstealer

behavioral2

diamondfoxbotnetinfostealerstealer

© 2018-2024

Terms | Privacy