diamondfox | 38bb9077def7aca1ecb5c0fab00e96dc0c41543b6e6d6541295687f2bcaac1a0 | Triage

Submit
Reports

Overview

overview

Static

static

1

Zui-Setup-1.3.0.exe

windows7-x64

Zui-Setup-1.3.0.exe

windows10-2004-x64

Sharing

General

Target

Zui-Setup-1.3.0.exe
Size

137.6MB
Sample

231012-1cmlhabe9v
MD5

0dbedea49c97ceb36fe82f6b9330a4be
SHA1

be892e61af06d74de7461b26cbed4ecf7f4c1c24
SHA256

38bb9077def7aca1ecb5c0fab00e96dc0c41543b6e6d6541295687f2bcaac1a0
SHA512

d76fcbb20fc8c871fb9ac0b5afa20346473f918f97ef2b8e15767af9f45d42833e84f5d0dfa751c1a0018f699df8ec0cc96f4ad1eaf4c403e85072edddf50572
SSDEEP

3145728:DG3pqx3VJ7Y2LJPc2nX/IhLDKjv8/LZ/HN2hqL66A9:yZqxlJVNjXgh/mOt/t2ha/4

Score

10^/10

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Zui-Setup-1.3.0.exe

Resource

win7-20230831-en

diamondfox evilnum snakekeylogger botnet infostealer keylogger pyinstaller stealer trojan

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

Zui-Setup-1.3.0.exe

Resource

win10v2004-20230915-en

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  Zui-Setup-1.3.0.exe
- Size
  
  137.6MB
- MD5
  
  0dbedea49c97ceb36fe82f6b9330a4be
- SHA1
  
  be892e61af06d74de7461b26cbed4ecf7f4c1c24
- SHA256
  
  38bb9077def7aca1ecb5c0fab00e96dc0c41543b6e6d6541295687f2bcaac1a0
- SHA512
  
  d76fcbb20fc8c871fb9ac0b5afa20346473f918f97ef2b8e15767af9f45d42833e84f5d0dfa751c1a0018f699df8ec0cc96f4ad1eaf4c403e85072edddf50572
- SSDEEP
  
  3145728:DG3pqx3VJ7Y2LJPc2nX/IhLDKjv8/LZ/HN2hqL66A9:yZqxlJVNjXgh/mOt/t2ha/4
Score

10^/10

diamondfox evilnum snakekeylogger botnet infostealer keylogger pyinstaller stealer trojan discovery
- DiamondFox
  DiamondFox is a multipurpose botnet with many capabilities.
  botnet stealer diamondfox
- EvilNum C# Component
- Evilnum
  A malware family with multiple components distributed through LNK files.
  trojan evilnum
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- DiamondFox payload
  Detects DiamondFox payload in file/memory.
  infostealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

diamondfoxevilnumsnakekeyloggerbotnetinfostealerkeyloggerpyinstallerstealertrojan

behavioral2

diamondfoxevilnumsnakekeyloggerbotnetdiscoveryinfostealerkeyloggerpyinstallerstealertrojan

© 2018-2024

Terms | Privacy