Overview

overview

9

Static

static

7

DiscordSetup.exe

windows10-1703-x64

9

DiscordSetup.exe

windows10-2004-x64

9

Resubmissions

04/06/2023, 16:31

230604-t1hh5acf88 9

04/06/2023, 16:30

230604-tzxlnacf87 9

Sharing

Copy URL Twitter E-mail

General

  • Target

    DiscordSetup.exe

  • Size

    5.3MB

  • Sample

    230604-t1hh5acf88

  • MD5

    9cce9ee0020b6f3771ffea7f00fddae0

  • SHA1

    9b35d27cc87d54413ba920fb0ba46d437bb2a285

  • SHA256

    4286f05225b773ba95830a248e111cb47a12f4a3cb60d8f823a6cb8a461ccb98

  • SHA512

    d71b4cd71369e0befc95770faff086be529455b6e281dc728dbbf6e568ec8b41ce926b61b70a998c14080094c5a25d74ad313dbcead1d960ecbf6ac118e0f038

  • SSDEEP

    98304:aKoJzvhoTYC61CGlcnn2pL3+Skbr7oOCvpn3sgJxzz5sjwiYHJf:aTR5okC61CGlcn2V6bvU2grzijMl

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      DiscordSetup.exe

    • Size

      5.3MB

    • MD5

      9cce9ee0020b6f3771ffea7f00fddae0

    • SHA1

      9b35d27cc87d54413ba920fb0ba46d437bb2a285

    • SHA256

      4286f05225b773ba95830a248e111cb47a12f4a3cb60d8f823a6cb8a461ccb98

    • SHA512

      d71b4cd71369e0befc95770faff086be529455b6e281dc728dbbf6e568ec8b41ce926b61b70a998c14080094c5a25d74ad313dbcead1d960ecbf6ac118e0f038

    • SSDEEP

      98304:aKoJzvhoTYC61CGlcnn2pL3+Skbr7oOCvpn3sgJxzz5sjwiYHJf:aTR5okC61CGlcn2V6bvU2grzijMl

    Score
    9/10
    evasiontrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks