diamondfox | d74f268e9a33e5e3c5dc1d9b4e1e7f8fff612814dd53cbe16e64f070834290f6 | Triage

Submit
Reports

Overview

overview

Static

static

1

Zui-Setup-1.2.0.exe

windows7-x64

Zui-Setup-1.2.0.exe

windows10-2004-x64

4

Sharing

General

Target

Zui-Setup-1.2.0.exe
Size

137.6MB
Sample

231013-bgw83agh31
MD5

ba4cbd93f59912ea161ca4f0659903c6
SHA1

ebd1e850f6340b0cc9325ed197588141e41f2173
SHA256

d74f268e9a33e5e3c5dc1d9b4e1e7f8fff612814dd53cbe16e64f070834290f6
SHA512

cd136fe7850f8113f01b61ede94ff95614a63ed33456fd8917bfde6cb66f865883dd976ab7383839afa65296315889f6d3c1303e93a2d5a9b817ecdd89b7d05b
SSDEEP

3145728:7Wuj6jps3VJ7Y2Lgi5ejMOGM4V4LSxNmLFSaNs8rGk:qEypslJVci5qWJEYr8X

Score

10^/10

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Zui-Setup-1.2.0.exe

Resource

win7-20230831-en

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

Zui-Setup-1.2.0.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  Zui-Setup-1.2.0.exe
- Size
  
  137.6MB
- MD5
  
  ba4cbd93f59912ea161ca4f0659903c6
- SHA1
  
  ebd1e850f6340b0cc9325ed197588141e41f2173
- SHA256
  
  d74f268e9a33e5e3c5dc1d9b4e1e7f8fff612814dd53cbe16e64f070834290f6
- SHA512
  
  cd136fe7850f8113f01b61ede94ff95614a63ed33456fd8917bfde6cb66f865883dd976ab7383839afa65296315889f6d3c1303e93a2d5a9b817ecdd89b7d05b
- SSDEEP
  
  3145728:7Wuj6jps3VJ7Y2Lgi5ejMOGM4V4LSxNmLFSaNs8rGk:qEypslJVci5qWJEYr8X
Score

10^/10

diamondfox evilnum snakekeylogger botnet discovery infostealer keylogger pyinstaller stealer trojan
- DiamondFox
  DiamondFox is a multipurpose botnet with many capabilities.
  botnet stealer diamondfox
- EvilNum C# Component
- Evilnum
  A malware family with multiple components distributed through LNK files.
  trojan evilnum
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- DiamondFox payload
  Detects DiamondFox payload in file/memory.
  infostealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

diamondfoxevilnumsnakekeyloggerbotnetdiscoveryinfostealerkeyloggerpyinstallerstealertrojan

behavioral2

© 2018-2024

Terms | Privacy