discordrat | Proton changer-CS2[.]rar

Resubmissions

19/12/2023, 15:23

231219-sstqradbhr 10

19/12/2023, 15:00

231219-sdj8rsacbn 10

Sharing

Copy URL Twitter E-mail

General

Target

Proton changer-CS2.rar
Size

4.2MB
MD5

5e7d4a44617249849528ab41f8490db0
SHA1

f53bd239d106162106694ea655feb6d3e7f320e8
SHA256

763c59fe814a81905d091d64ebd2eb3afef7cb79ed3a6b89ed30bdf71c21cb29
SHA512

c7927abf5a48473450637424e6af95996e06f524dda76785f7ef9d910f32b697f96ea56afdf5347923f8ee573a6ab460abaf532f1ce188ef80a55faf270cc706
SSDEEP

98304:78MEUkkSdGHMIVCjgl4fmqDvAdZXAIsQRsxMmR95VwuGxhUA9a1:YM4pdGHJRlBqD4ZwQRsxFb5VwuGnJ9a1

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE4NjU4MjQ0NDI0NjMwMjc1MA.GASQUi.LuaeFID8dxnhe68i9050fjtf_7kpkREbUUyjoY
server_id
1186582928906530837

Signatures

Discordrat family
discordrat

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Proton changer V1/cs2 proton changer.exe
unpack001/Proton changer V1/dnlib.dll

Files

Proton changer-CS2.rar
.rar
Proton changer V1/READ ME • steps.txt
Proton changer V1/cs2 proton changer.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Proton changer V1/desktop.ini
Proton changer V1/dnlib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proton changer V1/preview/proton icon.jpg
.jpg
Proton changer V1/preview/proton menu.png
.png

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 76KB - Virtual size: 76KB

.rsrc Size: 1KB - Virtual size: 1KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B