diamondfox | 8e897ded8b0e16fa2120cdf746e820c2b6942f25d23a90fd6d5a1a9155c3e7f7 | Triage

Submit
Reports

Overview

overview

Static

static

1

Zui---Insi...-5.exe

windows7-x64

Zui---Insi...-5.exe

windows10-2004-x64

4

Sharing

General

Target

Zui---Insiders-Setup-1.3.1-5.exe
Size

137.6MB
Sample

231012-1sektseb73
MD5

daeb66e1363288bcfdab882299217095
SHA1

a8fb7190057ac6dbb3333ee9075532e182c43496
SHA256

8e897ded8b0e16fa2120cdf746e820c2b6942f25d23a90fd6d5a1a9155c3e7f7
SHA512

e0edeed01a0959fed655f81d2b58a404813fa90aa713c6576b1cbf7dcfe71255682e146edde53876c0f6636f743c606c6705e80a4c13c3ec36cc12ae6f893fc8
SSDEEP

3145728:/f3pza3VJ7Y2Lh2WOSdyclhsJtZUWoNucAOsKMP0a8E1Pqd:3ZzalJVbfgOsKMMPPd

Score

10^/10

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Zui---Insiders-Setup-1.3.1-5.exe

Resource

win7-20230831-en

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

Zui---Insiders-Setup-1.3.1-5.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  Zui---Insiders-Setup-1.3.1-5.exe
- Size
  
  137.6MB
- MD5
  
  daeb66e1363288bcfdab882299217095
- SHA1
  
  a8fb7190057ac6dbb3333ee9075532e182c43496
- SHA256
  
  8e897ded8b0e16fa2120cdf746e820c2b6942f25d23a90fd6d5a1a9155c3e7f7
- SHA512
  
  e0edeed01a0959fed655f81d2b58a404813fa90aa713c6576b1cbf7dcfe71255682e146edde53876c0f6636f743c606c6705e80a4c13c3ec36cc12ae6f893fc8
- SSDEEP
  
  3145728:/f3pza3VJ7Y2Lh2WOSdyclhsJtZUWoNucAOsKMP0a8E1Pqd:3ZzalJVbfgOsKMMPPd
Score

10^/10

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan
- DiamondFox
  DiamondFox is a multipurpose botnet with many capabilities.
  botnet stealer diamondfox
- EvilNum C# Component
- Evilnum
  A malware family with multiple components distributed through LNK files.
  trojan evilnum
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- DiamondFox payload
  Detects DiamondFox payload in file/memory.
  infostealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

diamondfoxevilnumsnakekeyloggerbotnetdiscoveryinfostealerkeyloggerpyinstallerstealertrojan

behavioral2

© 2018-2024

Terms | Privacy