Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win10-20231215-en
General
-
Target
Client-built.exe
-
Size
78KB
-
MD5
b81180fe54831a95193f7a3eac2b57ca
-
SHA1
404a5293c7bfa3f31b884d16058de1bc6e1ce2e6
-
SHA256
4acd08f923da60cae56b32c44829b5db9268e2ac0839d97c77f7052e3262306f
-
SHA512
a3cd448cab5470774aba49afb448a4ea1364919ee962ad4c0dfa43d8b16e02d7c3bd81de4644e13b7d92b5e06ed34e086a20ddffbdc4813ee7de7c3d010446e8
-
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+pPIC:5Zv5PDwbjNrmAE+ZIC
Malware Config
Extracted
discordrat
-
discord_token
MTE5OTYxMTgwODU5MjQ0NTU4MA.GuR5Xq.UuXyRXvvaF0JvfMM6O0rWn529qjQMZIPH_IG-g
-
server_id
1197802974894886943
Signatures
-
Discordrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Client-built.exe
Files
-
Client-built.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ