DiscordCanarySetup[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

DiscordCanarySetup.exe
Size

4.4MB
MD5

e73ae59655f827ef4a3adad1efdd86a6
SHA1

a7e488e9070b9e795805f733229b6b8ee2570c66
SHA256

1b0fac0aa36e960881445ae64a8ac15c1ea2c6834c5f430b979fb2f3ded6cbdd
SHA512

cc36877dd72a2a038c663fd80add05615eaeca9bcc31254c67f399877bb0e4f9087198cd6c2e25c2c86d693e86c67cd5a2d5fdfc31456f3fa1cc15faf535df1e
SSDEEP

98304:OBYrduskRhoy1KyU7ahBKotS+eMkxq1edj1BD6AAn1xMcnrKU8Jx4:OBYrGRhojy/H8H01A1BDCXMcnyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DiscordCanarySetup.exe

Files

DiscordCanarySetup.exe
.exe windows:6 windows x64

df499d9e45255a95c6191ed08e14aaec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

d3d11

D3D11CreateDeviceAndSwapChain

d3dx11_43

D3DX11CreateShaderResourceViewFromMemory

kernel32

CloseHandle
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetWindowRect

msvcp140

_Query_perf_counter

d3dcompiler_43

D3DCompile

dwmapi

DwmExtendFrameIntoClientArea

imm32

ImmSetCandidateWindow

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memchr

api-ms-win-crt-runtime-l1-1-0

_cexit

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-string-l1-1-0

_stricmp

api-ms-win-crt-stdio-l1-1-0

fflush

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

ceilf

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 557KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.li"
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ri-
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

._\3
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df499d9e45255a95c6191ed08e14aaec

Headers

DLL Characteristics

File Characteristics

Imports

d3d11

d3dx11_43

kernel32

user32

msvcp140

d3dcompiler_43

dwmapi

imm32

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: - Virtual size: 225KB

.rdata Size: - Virtual size: 488KB

.data Size: - Virtual size: 557KB

.pdata Size: - Virtual size: 10KB

.li" Size: - Virtual size: 2.2MB

.Ri- Size: 3KB - Virtual size: 3KB

._\3 Size: 4.4MB - Virtual size: 4.4MB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: - Virtual size: 225KB

.rdata
Size: - Virtual size: 488KB

.data
Size: - Virtual size: 557KB

.pdata
Size: - Virtual size: 10KB

.li"
Size: - Virtual size: 2.2MB

.Ri-
Size: 3KB - Virtual size: 3KB

._\3
Size: 4.4MB - Virtual size: 4.4MB

.rsrc
Size: 15KB - Virtual size: 14KB