General

  • Target

    DiscordSetup.exe

  • Size

    91.1MB

  • Sample

    230712-kekxpace72

  • MD5

    e566828b19ea32efd096d427f1350c08

  • SHA1

    cf4f02f6613059942da0c32356db5ac1dce43b56

  • SHA256

    e4521f4f089eb7993188901318b2823c9f5293193ffe7cc6d85921c76ac372f7

  • SHA512

    4044d03d755525b2ad893318f270458b10b6e52455fe35717a1db5a6bfbc0c5cd4d6fd5d18813f9d1efe76f5f90edb6de96fd8e7a7e15057c713faf341bcfc79

  • SSDEEP

    1572864:WnKEvGyXi+aPcu1n0ckUoJr0p03kRPoNnn+d3MGpHKmLYj/:TyXBoDn0lO03kRPh3bpHEj/

Malware Config

Targets

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

MITRE ATT&CK Enterprise v6

Tasks