A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #26907  by Xylitol
 Fri Oct 09, 2015 9:09 am
Image

A Study in Bots: DiamondFox ~ http://blog.cylance.com/a-study-in-bots-diamondfox
All in one crimeware called "DiamondFox" ~ https://translate.google.com/translate? ... 52200.html
Gorynych/DiamondFox v4.2.0.257 - File Upload Vulnerability ~ https://www.youtube.com/watch?v=UlmYR04UUyc (fixed since Built-4.2.0.302 package)
from the fixed package of the panel (1f75686f74a8c43d39c8d1ff2fab8035):
Code: Select all
/* Thank you XyliboxFrance for the feedback */
:lol:

Samples:
c6ae9dfa0252488aacb5c0be49c4ee43
9209b051c1f4b305f84a382386d5dd57
de9e9e640e1a1690883a14d4c38557d0
698aeee768549ff78e9aac35ec2073b4
8c610d12ee5e0052168a3f631772c356
cab89edb360efd381255b3bf1e558739
1013cab5c1151d20e3a75cdf4ec46606
25510b26828fa83233d8066e254d1054
c5c01a3063a85af1cf48d9bafe9cd468
00e90d335c40aaa3ec475ac2dc0ec107
db3167d1f62805c2bcf7bd9f51c47819
7577b6202df0947d832520b151b446e4
c2cf234b0782f1f25df1b16258dc08f0
be617918109b99a95a89db54c2d63fd6
30b9ee4cced970da8a25532b35b5faa0
c5273a857baffe2d9426e6eb91f37285
5d2e471fd7337fcd4a0260e64ae631f4
0e3fb3e2f70750e845613006a00c05cb
32b0a63b5d37fba8e581bb08b401e42e
dc394063269815da30c6e09d433781a4
941b85005e84859b8287c5cfbec34cd5
0ce4138f90e70df1ed352e3355a06b09
1f537b7ee0f050898ab71d81b142a8e8
7ef1853de2f894ab6e91410ea930a20d
81c1342f1158e031f65039c16a21c704
36d4b5d5f1dce5fba9edd9a339c3948f
ed2216354f360ee446f2270bca5855cb
57b6201c4234848ed9a8379d29d39680
52e0110fe956c9d092200e729bafc215
8c6252082a4d2a80f8f0680d8ba285bd
e574366fd9a708405c6620d1d723e214
2443982b34f5ebb23ace7bab8f1f2a36
2fbd48a16da6eeabd855e4726ea0620c
86e71e980ca81124b59b8948c79f8103
5e9f5ce035e7f690752adc75e92b45bf

Fun thing: In France we have something know as 'FrenchTech' sponsored by government, it's a French label awarded to metropolitan centers recognized for their startups ecosystem and innovative enterprises.
Here is one of their regional logo:
Image
Each regional logo are created by the cities themself, so quite independently.
Attachments
infected
(917.71 KiB) Downloaded 112 times