diantz
|
LOLBAS
Tags
| attack-pattern: | Data Ntfs File Attributes - T1564.004 Server - T1583.004 Server - T1584.004 Data Compressed - T1002 Remote File Copy - T1105 |
Common Information
| Type | Value |
|---|---|
| UUID | b523292f-efb4-41aa-a3a0-f788d919e14a |
| Fingerprint | 949fe95f7a727fc6 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 1, 2019, midnight |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 15, 2024, 1:55 p.m. |
| Headline | .. / Diantz.exe Star |
| Title | diantz | LOLBAS |
| Detected Hints/Tags/Attributes | 8/1/17 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://lolbas-project.github.io/lolbas/Binaries/Diantz/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | targetfile.cab |
|
| Details | Domain | 1 | file.cab |
|
| Details | File | 2 | diantz.exe |
|
| Details | File | 1 | c:\windows\system32\diantz.exe |
|
| Details | File | 1 | c:\windows\syswow64\diantz.exe |
|
| Details | File | 1 | c:\pathtofile\file.exe |
|
| Details | File | 1 | c:\destinationfolder\targetfile.txt |
|
| Details | File | 1 | targetfile.cab |
|
| Details | File | 54 | file.exe |
|
| Details | File | 1 | c:\destinationfolder\file.cab |
|
| Details | Github username | 27 | sigmahq |
|
| Details | sha1 | 1 | 0593446f96c57a8b64e2b5b9fd15a20f1c56acab |
|
| Details | sha1 | 1 | 0f33cbc85bf4b23b8d8308bfcc8b21a9e5431ee7 |
|
| Details | MITRE ATT&CK Techniques | 13 | T1564.004 |
|
| Details | MITRE ATT&CK Techniques | 492 | T1105 |
|
| Details | Url | 1 | https://github.com/sigmahq/sigma/blob/0593446f96c57a8b64e2b5b9fd15a20f1c56acab/rules/windows/process_creation/win_pc_lolbas_diantz_ads.yml |
|
| Details | Url | 1 | https://github.com/sigmahq/sigma/blob/0f33cbc85bf4b23b8d8308bfcc8b21a9e5431ee7/rules/windows/process_creation/win_pc_lolbas_diantz_remote_cab.yml |