Overview

overview

10

Static

static

10

Discord.AIO.exe

windows7-x64

10

Discord.AIO.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Discord.AIO.exe

  • Size

    6.5MB

  • Sample

    230504-t19bvafe9y

  • MD5

    7adc6022bb09db5e263fb294aaab2566

  • SHA1

    77746a413c35573521c14eba036a2da5da68526a

  • SHA256

    54bb1a394197df666003cd83a607b364b373c32df999c51f3c14bb830fc776ee

  • SHA512

    21922589a3dc6fd2ccf4545dceb15249ca8882d946d9a29a90248dec55ed41b719d9d835381e0115a10d58957dbbc7ac3a277c2e1e88f398c672bed8e249a11a

  • SSDEEP

    98304:27w0WYwOYA4vWVU4fgcmnH3EPIL6yFs9u/FpboNe7mZD7JOu9mq2Jo2N/03FIgcG:ts4vkmXas+6cOGR2JFNmWZCZ

Score
10/10

Malware Config

Targets

    • Target

      Discord.AIO.exe

    • Size

      6.5MB

    • MD5

      7adc6022bb09db5e263fb294aaab2566

    • SHA1

      77746a413c35573521c14eba036a2da5da68526a

    • SHA256

      54bb1a394197df666003cd83a607b364b373c32df999c51f3c14bb830fc776ee

    • SHA512

      21922589a3dc6fd2ccf4545dceb15249ca8882d946d9a29a90248dec55ed41b719d9d835381e0115a10d58957dbbc7ac3a277c2e1e88f398c672bed8e249a11a

    • SSDEEP

      98304:27w0WYwOYA4vWVU4fgcmnH3EPIL6yFs9u/FpboNe7mZD7JOu9mq2Jo2N/03FIgcG:ts4vkmXas+6cOGR2JFNmWZCZ

    Score
    10/10

    • Contains code to disable Windows Defender

      A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks