diamondfox | 5a13011706a50a9956aa44121e1d3b0293a1806a72480217c77079ce16dda460 | Triage

Submit
Reports

Overview

overview

Static

static

1

Zui Setup 1.3.0.exe

windows7-x64

4

Zui Setup 1.3.0.exe

windows10-2004-x64

Sharing

General

Target

Zui Setup 1.3.0.exe
Size

137.5MB
Sample

231012-3d7deagg47
MD5

1af2c029f6f1d549fa85898b5dec73e1
SHA1

d5821978d2370a7851fdf3ce8bd847e34567e1b1
SHA256

5a13011706a50a9956aa44121e1d3b0293a1806a72480217c77079ce16dda460
SHA512

f051a8556a0a7650199dc5bfb4f1aed122970e42ee4d1662229de033310141a2d88e1dfa95f721bd53419d6de1ce22aacc11ceb611d148b30723fc76bf1e9564
SSDEEP

3145728:MZ3p4xI3VJ7Y2LAdI2LhUUCk3qIePSsaf1bxQd8QN:SZ4xIlJVSiUCkPNz/g

Score

10^/10

diamondfox evilnum snakekeylogger botnet infostealer keylogger pyinstaller stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Zui Setup 1.3.0.exe

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Zui Setup 1.3.0.exe

Resource

win10v2004-20230915-en

diamondfox evilnum snakekeylogger botnet infostealer keylogger pyinstaller stealer trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  Zui Setup 1.3.0.exe
- Size
  
  137.5MB
- MD5
  
  1af2c029f6f1d549fa85898b5dec73e1
- SHA1
  
  d5821978d2370a7851fdf3ce8bd847e34567e1b1
- SHA256
  
  5a13011706a50a9956aa44121e1d3b0293a1806a72480217c77079ce16dda460
- SHA512
  
  f051a8556a0a7650199dc5bfb4f1aed122970e42ee4d1662229de033310141a2d88e1dfa95f721bd53419d6de1ce22aacc11ceb611d148b30723fc76bf1e9564
- SSDEEP
  
  3145728:MZ3p4xI3VJ7Y2LAdI2LhUUCk3qIePSsaf1bxQd8QN:SZ4xIlJVSiUCkPNz/g
Score

10^/10

diamondfox evilnum snakekeylogger botnet infostealer keylogger pyinstaller stealer trojan
- DiamondFox
  DiamondFox is a multipurpose botnet with many capabilities.
  botnet stealer diamondfox
- EvilNum C# Component
- Evilnum
  A malware family with multiple components distributed through LNK files.
  trojan evilnum
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- DiamondFox payload
  Detects DiamondFox payload in file/memory.
  infostealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

diamondfoxevilnumsnakekeyloggerbotnetinfostealerkeyloggerpyinstallerstealertrojan

© 2018-2024

Terms | Privacy