diamondfox | 9572678d8cf6138630ff47b2ea0f72bc29921b06aaf1e6e8881012d4e0c55a16 | Triage

Submit
Reports

Overview

overview

Static

static

1

Zui Setup 1.3.0.exe

windows7-x64

Zui Setup 1.3.0.exe

windows10-2004-x64

Sharing

General

Target

Zui Setup 1.3.0.exe
Size

137.5MB
Sample

231012-18jvgsdd2z
MD5

9cd222934cfc3510b5ad39a9465723c9
SHA1

d210a1a10b3a92368cfa054340841b8fbf3df5b3
SHA256

9572678d8cf6138630ff47b2ea0f72bc29921b06aaf1e6e8881012d4e0c55a16
SHA512

94db3ad3f12dd52074734a55222d39cc7e9ea0b4c668ece916ca0f0b8646e33cbe59cfb66719c3e2870d6505eccfddfd7e670d5cbc102457e725829a036abc61
SSDEEP

3145728:LB3pFlC3VJ7Y2LaBxMIrApv8T+Gzt2ASDFSoFHInRK3s:lZLClJVG8c+CEASYomWs

Score

10^/10

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Zui Setup 1.3.0.exe

Resource

win7-20230831-en

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

Zui Setup 1.3.0.exe

Resource

win10v2004-20230915-en

diamondfox evilnum snakekeylogger botnet infostealer keylogger pyinstaller stealer trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  Zui Setup 1.3.0.exe
- Size
  
  137.5MB
- MD5
  
  9cd222934cfc3510b5ad39a9465723c9
- SHA1
  
  d210a1a10b3a92368cfa054340841b8fbf3df5b3
- SHA256
  
  9572678d8cf6138630ff47b2ea0f72bc29921b06aaf1e6e8881012d4e0c55a16
- SHA512
  
  94db3ad3f12dd52074734a55222d39cc7e9ea0b4c668ece916ca0f0b8646e33cbe59cfb66719c3e2870d6505eccfddfd7e670d5cbc102457e725829a036abc61
- SSDEEP
  
  3145728:LB3pFlC3VJ7Y2LaBxMIrApv8T+Gzt2ASDFSoFHInRK3s:lZLClJVG8c+CEASYomWs
Score

10^/10

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan
- DiamondFox
  DiamondFox is a multipurpose botnet with many capabilities.
  botnet stealer diamondfox
- EvilNum C# Component
- Evilnum
  A malware family with multiple components distributed through LNK files.
  trojan evilnum
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- DiamondFox payload
  Detects DiamondFox payload in file/memory.
  infostealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

diamondfoxevilnumsnakekeyloggerbotnetdiscoveryinfostealerkeyloggerpyinstallerstealertrojan

behavioral2

diamondfoxevilnumsnakekeyloggerbotnetinfostealerkeyloggerpyinstallerstealertrojan

© 2018-2024

Terms | Privacy