General

  • Target

    discord-enoguht.exe

  • Size

    21.0MB

  • Sample

    230412-smf8gada86

  • MD5

    5c84d255a8d114a1db5fb7e0ce782e3b

  • SHA1

    82ef24b305702d7f0888080a073ff205fe659550

  • SHA256

    d87801f093fc6f63dfc9bf3a5a4999387576691b8c02c6d6b7e7a4a433a954ee

  • SHA512

    7799ecab54c3254edbc75f225ebfa78e4210e8c123ff832d4f4938c9eb1744af11eade77b52a10f5d4c21deeaeeee979c4e5c38f41f0dc43a4ce329c8929f230

  • SSDEEP

    393216:RlCDD/tFIFThaHAxy/m3poaUX47d4zYHzdChd1lx:ROhSnaHAEKoaUI7d4zY5sl

Malware Config

Targets

    • Target

      discord-enoguht.exe

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks