Diamond Fox - part 2: let's dive in the code | Malwarebytes Labs
Tags
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Vnc - T1021.005 Visual Basic - T1059.005 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 44f98e3e-d6db-4a75-9e01-deabab375a78 |
| Fingerprint | be9208bbc5b7af88 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 6, 2017, midnight |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 18, 2024, 2:36 a.m. |
| Headline | Diamond Fox - part 2: let's dive in the code |
| Title | Diamond Fox - part 2: let's dive in the code | Malwarebytes Labs |
| Detected Hints/Tags/Attributes | 44/1/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.malwarebytes.com/threat-analysis/2017/04/diamond-fox-p2/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 221 | gist.github.com |
|
| Details | Domain | 8 | www.cylance.com |
|
| Details | Domain | 31 | hshrzd.wordpress.com |
|
| Details | Github username | 35 | hasherezade |
|
| Details | md5 | 2 | 988e9fa903cc2fbb80e7221072fb2221 |
|
| Details | md5 | 1 | 3ef960da3e4bc4bc7c05d02fbf121d4e |
|
| Details | md5 | 1 | 79de1509c8565ec7496cd554092df6f8 |
|
| Details | Url | 1 | https://gist.github.com/hasherezade/79de1509c8565ec7496cd554092df6f8#file |
|
| Details | Url | 1 | https://www.cylance.com/a-study-in-bots-diamondfox |
|
| Details | Url | 28 | https://hshrzd.wordpress.com |