{
	"id": "9032a76a-30e5-41fc-863e-065290a38439",
	"created_at": "2026-04-06T00:18:49.706141Z",
	"updated_at": "2026-04-10T03:20:36.636359Z",
	"deleted_at": null,
	"sha1_hash": "0c3060f506cb49455d0084dc09f6b4e48ef16a36",
	"title": "DiamondFox (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 33400,
	"plain_text": "DiamondFox (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 16:19:15 UTC\r\nDiamondFox\r\naka: Crystal, Gorynych, Gorynch\r\nVTCollection    \r\nAccording to PCrisk, DiamondFox is highly modular malware offered as malware-as-a-service, and is for sale on\r\nvarious hacker forums. Therefore, cyber criminals who are willing to use DiamondFox do not necessarily require\r\nany technical knowledge to perform their attacks.\r\nOnce purchased, this malware can be used to log keystrokes, steal credentials (e.g., usernames, email addresses,\r\npasswords), hijack cryptocurrency wallets, perform distributed denial of service (DDoS) attacks, and to carry out\r\nother malicious tasks.\r\nDiamondFox allows cyber criminals to choose which plug-ins to keep activated and see infection statistics in real-time.\r\nReferences\r\nYara Rules\r\n[TLP:WHITE] win_diamondfox_auto (20180607 | autogenerated rule brought to you by yara-signator)\r\nDownload all Yara Rules\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.diamondfox\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.diamondfox\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.diamondfox"
	],
	"report_names": [
		"win.diamondfox"
	],
	"threat_actors": [],
	"ts_created_at": 1775434729,
	"ts_updated_at": 1775791236,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0c3060f506cb49455d0084dc09f6b4e48ef16a36.pdf",
		"text": "https://archive.orkl.eu/0c3060f506cb49455d0084dc09f6b4e48ef16a36.txt",
		"img": "https://archive.orkl.eu/0c3060f506cb49455d0084dc09f6b4e48ef16a36.jpg"
	}
}