General
-
Target
8eda529979d30636fb0fbb45c2da7977_JaffaCakes118
-
Size
76KB
-
Sample
240602-vz3ncahe41
-
MD5
8eda529979d30636fb0fbb45c2da7977
-
SHA1
c8894ae2dc2d6f0225c72a2b19fb283a57f077fe
-
SHA256
ad9ad8c5e78a1060cddb589a027ed9ac6f8ef8fbaa88862e9269690a4fe49283
-
SHA512
537a16d8dc253800d5225ee1f41135fe619df6c26491fe203632d385751f57a2aa8da5cd9bd4c6582b2f579751ce245aeea367fe106a90058a332d768982d44c
-
SSDEEP
768:/7XINhXznVJ8CC1rBXdo0zekXUd3CdPJxB7mNmDZkUKMKZQbFTiKKAZTX:ChT8C+fuioHq1KEFoAF
Malware Config
Targets
-
-
Target
8eda529979d30636fb0fbb45c2da7977_JaffaCakes118
-
Size
76KB
-
MD5
8eda529979d30636fb0fbb45c2da7977
-
SHA1
c8894ae2dc2d6f0225c72a2b19fb283a57f077fe
-
SHA256
ad9ad8c5e78a1060cddb589a027ed9ac6f8ef8fbaa88862e9269690a4fe49283
-
SHA512
537a16d8dc253800d5225ee1f41135fe619df6c26491fe203632d385751f57a2aa8da5cd9bd4c6582b2f579751ce245aeea367fe106a90058a332d768982d44c
-
SSDEEP
768:/7XINhXznVJ8CC1rBXdo0zekXUd3CdPJxB7mNmDZkUKMKZQbFTiKKAZTX:ChT8C+fuioHq1KEFoAF
Score10/10-
DiamondFox
DiamondFox is a multipurpose botnet with many capabilities.
-
DiamondFox stealer
-
UAC bypass
-
Windows security bypass
-
Drops file in Drivers directory
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Checks whether UAC is enabled
-