Behavioral task
behavioral1
Sample
Damirus_Logger.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
Damirus_Logger.exe
Resource
win10v2004-20231025-en
General
-
Target
Damirus_Logger.exe
-
Size
78KB
-
MD5
da20068dd579975660b689e521d9123b
-
SHA1
a9204362998e0e643caf0c720b23ebc2ae327f89
-
SHA256
e5969588c577709d8e0cd768269afa6bd9271bbece62147189baab90f1e33f34
-
SHA512
2589fae057b77d1b7c6ff8dacb82721249519c960dd2c086ba754bbe6cee57db8f3e6693475848be46cdebf64f0541386a7ef29ef4e058fb511a1629b8f517af
-
SSDEEP
1536:p2WjO8XeEXFV5P7v88wbjNrfxCXhRoKV6+V+gPIC:pZ75PDwbjNrmAE+EIC
Malware Config
Extracted
discordrat
-
discord_token
MTE3MDg0MjIwNDYzMDE2MzUxOA.Ge1b_5.73MLEwSj2-0hHXjtWkAJjDVZjEsMSG8h0iVQ6o
-
server_id
1168354244890480820
Signatures
-
Discordrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Damirus_Logger.exe
Files
-
Damirus_Logger.exe.exe windows:4 windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ