discordrat | setup-your-own-imglog[.]zip | Triage

Sharing

General

Target

setup-your-own-imglog.zip
Size

44KB
MD5

66fb67e1ea566f420563b5a7968e056f
SHA1

d99df645477e520ab91b08854a84e863dd4d10c4
SHA256

38ce159dcf4ac0b06721ef313d4ac434a16f432ec6b23c23c5dd5130e5d39e30
SHA512

aa11af43d083fef8286b502020d8f9a0a7554bc7692620fca3dd6755ff956bd20af580c1f8f00b37ceefde8b50cec4a2e6959b878e9d0786fe49e7b72f57a60e
SSDEEP

768:pCLRGNasgELw6JPsHSVaVBaq1CZA6SlB+/xSJOrTPkQQ:RNXgwwGyEuaZi6SlBq8zz

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIwMTI5MzQyMzEzNTY5OTEyNQ.GzeDuC.l5yt96hit4NWcTChpmOYSAp4h99uqLh82qM9-E
server_id
1201293305384812554

Signatures

Discordrat family
discordrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/password=1/discord-tools.cmd

Files

setup-your-own-imglog.zip
.zip

Password: 1
password=1/discord-tools.cmd
.exe windows:4 windows x64 arch:x64

Password: 1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ