General
-
Target
appguard.exe
-
Size
555KB
-
MD5
4f1b656b9b4665f11bad199e1651da67
-
SHA1
edd2db91a8af07a24f0ac2187dd2ec53b0165936
-
SHA256
54144bb63aefca740fd1b88f5daa54a6386b387356c959f390e7b3ecc6c78c88
-
SHA512
aa76dc248a084b70f92c64cc3a73238e1a8d120f6fdec81bfabeb181c04c5d628a4cf977927950fe336cb73f78e8b7c988105f8c03366b9cb1066fa13c6a6540
-
SSDEEP
6144:HXCxKhrFoVcx+0AEddgDDgpVtZI5lZP26axHU++4bVqnpCDL8PhbfgrC:HXzl+V5wqgpHZI5lB14bVACH
Malware Config
Extracted
discordrat
-
discord_token
MTE0ODI4ODE0MDUzMzA1MTQ3Mg.G7f--y.fpqAmeUzoCkTi9IFCC1KfCtfj2eFgcM6YRhVhI
-
server_id
1148287520237424751
Signatures
-
Discordrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource appguard.exe
Files
-
appguard.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 553KB - Virtual size: 553KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 896B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ