Overview

overview

7

Static

static

3

Scratch-Fo....1.exe

windows7-x64

7

Scratch-Fo....1.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    Scratch-For-Discord-Setup-2.0.1.exe

  • Size

    123.5MB

  • Sample

    230610-swar2sfb98

  • MD5

    712f12c4f18810b71af80f80fbda71df

  • SHA1

    0a873caad717990d02262d5ae17cc0b263f0c9c8

  • SHA256

    01937c2b4144b89190b8757b84bbe979469af4ac1d464c52085bef628feaaedc

  • SHA512

    cbf6df9062ecf5d33d8db769a63726f37d09e9d46425ae815a42e42b46a303fcf4d2ce42093e89d209705a924ec25daf360aa6ea18fac87169254e24a59872b4

  • SSDEEP

    3145728:0c7lWjoqjr+ZH3QcevQ7lWjH0atcWmTUDKl/4dtiIHR:37Bqjr+ZHAceI7a7mi9uIHR

Score
7/10
discovery

Malware Config

Targets

    • Target

      Scratch-For-Discord-Setup-2.0.1.exe

    • Size

      123.5MB

    • MD5

      712f12c4f18810b71af80f80fbda71df

    • SHA1

      0a873caad717990d02262d5ae17cc0b263f0c9c8

    • SHA256

      01937c2b4144b89190b8757b84bbe979469af4ac1d464c52085bef628feaaedc

    • SHA512

      cbf6df9062ecf5d33d8db769a63726f37d09e9d46425ae815a42e42b46a303fcf4d2ce42093e89d209705a924ec25daf360aa6ea18fac87169254e24a59872b4

    • SSDEEP

      3145728:0c7lWjoqjr+ZH3QcevQ7lWjH0atcWmTUDKl/4dtiIHR:37Bqjr+ZHAceI7a7mi9uIHR

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks