General

  • Target

    Zui---Insiders-Setup-1.3.1-5.exe

  • Size

    137.6MB

  • Sample

    231012-1sektseb73

  • MD5

    daeb66e1363288bcfdab882299217095

  • SHA1

    a8fb7190057ac6dbb3333ee9075532e182c43496

  • SHA256

    8e897ded8b0e16fa2120cdf746e820c2b6942f25d23a90fd6d5a1a9155c3e7f7

  • SHA512

    e0edeed01a0959fed655f81d2b58a404813fa90aa713c6576b1cbf7dcfe71255682e146edde53876c0f6636f743c606c6705e80a4c13c3ec36cc12ae6f893fc8

  • SSDEEP

    3145728:/f3pza3VJ7Y2Lh2WOSdyclhsJtZUWoNucAOsKMP0a8E1Pqd:3ZzalJVbfgOsKMMPPd

Malware Config

Targets

    • Target

      Zui---Insiders-Setup-1.3.1-5.exe

    • Size

      137.6MB

    • MD5

      daeb66e1363288bcfdab882299217095

    • SHA1

      a8fb7190057ac6dbb3333ee9075532e182c43496

    • SHA256

      8e897ded8b0e16fa2120cdf746e820c2b6942f25d23a90fd6d5a1a9155c3e7f7

    • SHA512

      e0edeed01a0959fed655f81d2b58a404813fa90aa713c6576b1cbf7dcfe71255682e146edde53876c0f6636f743c606c6705e80a4c13c3ec36cc12ae6f893fc8

    • SSDEEP

      3145728:/f3pza3VJ7Y2Lh2WOSdyclhsJtZUWoNucAOsKMP0a8E1Pqd:3ZzalJVbfgOsKMMPPd

    • DiamondFox

      DiamondFox is a multipurpose botnet with many capabilities.

    • EvilNum C# Component

    • Evilnum

      A malware family with multiple components distributed through LNK files.

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

    • Snake Keylogger payload

    • DiamondFox payload

      Detects DiamondFox payload in file/memory.

MITRE ATT&CK Enterprise v15

Tasks