Overview

overview

10

Static

static

10

discord-reg.zip

windows7-x64

1

discord-reg.zip

windows10-2004-x64

1

discord-re...pi.dll

windows7-x64

1

discord-re...pi.dll

windows10-2004-x64

3

discord-re...dme.js

windows7-x64

1

discord-re...dme.js

windows10-2004-x64

1

discord-re...dex.js

windows7-x64

1

discord-re...dex.js

windows10-2004-x64

1

discord-re...und.js

windows7-x64

1

discord-re...und.js

windows10-2004-x64

1

discord-re...dex.js

windows7-x64

1

discord-re...dex.js

windows10-2004-x64

1

discord-re...und.js

windows7-x64

1

discord-re...und.js

windows10-2004-x64

1

discord-re...dex.js

windows7-x64

1

discord-re...dex.js

windows10-2004-x64

1

discord-re...DME.js

windows7-x64

1

discord-re...DME.js

windows10-2004-x64

1

discord-re...dex.js

windows7-x64

1

discord-re...dex.js

windows10-2004-x64

1

discord-re...DME.js

windows7-x64

1

discord-re...DME.js

windows10-2004-x64

1

discord-re...dex.js

windows7-x64

1

discord-re...dex.js

windows10-2004-x64

1

discord-re...dme.js

windows7-x64

1

discord-re...dme.js

windows10-2004-x64

1

discord-re...dex.js

windows7-x64

1

discord-re...dex.js

windows10-2004-x64

1

discord-re...DME.js

windows7-x64

1

discord-re...DME.js

windows10-2004-x64

1

discord-re...DME.js

windows7-x64

1

discord-re...DME.js

windows10-2004-x64

1

Analysis

  • max time kernel
    1873s
  • max time network
    1864s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-09-2023 14:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    discord-reg/bypass/browser/node_modules/bytes/Readme.js

  • Size

    4KB

  • MD5

    e7804750b4dbb0e9169be6bc020c8e6f

  • SHA1

    c1f64bb7089cb59d5b3d929388118d25448ae22a

  • SHA256

    761e5a8818f8de496a4df6632fa30df65b62e00d5db2b297096c63e07d61f740

  • SHA512

    645f50f3627629a5c62175b1182d2279cad099f6b4f02b3f0fe7b604fcc64a73a7e5a0b25a225bc25326dc7a8a30aeaa2ab060fbfbba2ddb92fdad6673c22c35

  • SSDEEP

    48:xFqXmR2NdXMoNj4CUGLaHtT8sZkwadPZvCLvqv/pyiKmfFapucGa3cmWqMb8JbRZ:WXn15sTGeH8sSJWJTHsyfKBM

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\discord-reg\bypass\browser\node_modules\bytes\Readme.js
    1⤵
      PID:4416
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:1768
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3560

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        3dd5bd3e353ec6c7552ff6bbe0dcc399

        SHA1

        8ca896415746c760e358fa86471e5ddf2262e896

        SHA256

        39a42ad27b601e69b6934ea778d8ac1d7c7f89824ca34078b8ba5e324195b9fb

        SHA512

        91309d775fce87ce865d9b133230adac6d691b6ccbee80243234bb10941d6c1d56c5198ef2615c185df4c9923883fca1a0d5e271a4999d9ecf3326ddc365b621

        Download Submit

      • memory/3560-40-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-33-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-42-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-34-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-35-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-36-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-37-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-38-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-43-0x0000024CF2090000-0x0000024CF2091000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-0-0x0000024CE9D50000-0x0000024CE9D60000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3560-68-0x0000024CF22E0000-0x0000024CF22E1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-32-0x0000024CF2440000-0x0000024CF2441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-39-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-44-0x0000024CF2080000-0x0000024CF2081000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-46-0x0000024CF2090000-0x0000024CF2091000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-49-0x0000024CF2080000-0x0000024CF2081000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-52-0x0000024CF1FC0000-0x0000024CF1FC1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-16-0x0000024CE9E50000-0x0000024CE9E60000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3560-64-0x0000024CF21C0000-0x0000024CF21C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-66-0x0000024CF21D0000-0x0000024CF21D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-67-0x0000024CF21D0000-0x0000024CF21D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3560-41-0x0000024CF2470000-0x0000024CF2471000-memory.dmp

        Filesize

        4KB

        Download