diamondfox | 3a4f57129b6fbeb76b1a56b16f2209779d7264f1c14d99ae9b1371c82d3c502c | Triage

Submit
Reports

Overview

overview

Static

static

1

nuclei

ubuntu-24.04-amd64

Sharing

General

Target

nuclei
Size

101.7MB
Sample

240928-nx963sxapf
MD5

147343a16a64a0bce2f44c7065989795
SHA1

c361ceb6eca65611a206da72baa46eb6cc6da076
SHA256

3a4f57129b6fbeb76b1a56b16f2209779d7264f1c14d99ae9b1371c82d3c502c
SHA512

21367b4f709d811a91ed70c0186a99cceb250703234ddccdc1288525d9cc63ed8dba6a9f4b836b95655738781310688c6aa6effdcdffb7b724d5cc5ebca0333d
SSDEEP

786432:Xhhq8biNd6kDRWzbYDJ79Xd5WSMsx76D+zj2/FgoUtn8PWGe:hiNVXnM+6DCjEFgoE8ze

Score

10^/10

diamondfox antivm botnet discovery evasion linux stealer

Static task

static1

Behavioral task

behavioral1

Sample

nuclei

Resource

ubuntu2404-amd64-20240523-en

diamondfox antivm botnet discovery evasion stealer

ubuntu-24.04-amd64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  nuclei
- Size
  
  101.7MB
- MD5
  
  147343a16a64a0bce2f44c7065989795
- SHA1
  
  c361ceb6eca65611a206da72baa46eb6cc6da076
- SHA256
  
  3a4f57129b6fbeb76b1a56b16f2209779d7264f1c14d99ae9b1371c82d3c502c
- SHA512
  
  21367b4f709d811a91ed70c0186a99cceb250703234ddccdc1288525d9cc63ed8dba6a9f4b836b95655738781310688c6aa6effdcdffb7b724d5cc5ebca0333d
- SSDEEP
  
  786432:Xhhq8biNd6kDRWzbYDJ79Xd5WSMsx76D+zj2/FgoUtn8PWGe:hiNVXnM+6DCjEFgoE8ze
Score

10^/10

diamondfox antivm botnet discovery evasion stealer
- DiamondFox
  DiamondFox is a multipurpose botnet with many capabilities.
  botnet stealer diamondfox
- DiamondFox stealer
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Reads MAC address of network interface
  Fetches the MAC address of active network interfaces. May be used to detect known values for hypervisors.
  evasion discovery
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

Wi-Fi Discovery

System Network Connections Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

diamondfoxantivmbotnetdiscoveryevasionstealer

© 2018-2024

Terms | Privacy