249bdaa4332b3e1a3a2148d4fd587a42bd48615af556d1c72da51c55bb2ca697

Sharing

Copy URL

Twitter E-mail

General

Target

BetterDiscord-Windows.exe
Size

75.1MB
Sample

240201-v761qsbbg6
MD5

43327119366e52928b9aed0c1e734389
SHA1

3777d8387fba8528b6e433a8e763df5dcd542a48
SHA256

249bdaa4332b3e1a3a2148d4fd587a42bd48615af556d1c72da51c55bb2ca697
SHA512

bda75994e6dcf5bc9e5b45d025894d62d0138a9d39c47255cd3b6b6e32f60de973da54bf85de57e8f0ca8a253bf414697c4b06e887d45dded90485ce6832e7f4
SSDEEP

1572864:DMKQ/QO4cQ0dPUnqZUPsziv5IANK+4ZYPDHdH/I1z/dHazC:DzXr50lUnqEneWlWYj21zaC

Score

5^/10

Malware Config

Targets

- Target
  
  BetterDiscord-Windows.exe
- Size
  
  75.1MB
- MD5
  
  43327119366e52928b9aed0c1e734389
- SHA1
  
  3777d8387fba8528b6e433a8e763df5dcd542a48
- SHA256
  
  249bdaa4332b3e1a3a2148d4fd587a42bd48615af556d1c72da51c55bb2ca697
- SHA512
  
  bda75994e6dcf5bc9e5b45d025894d62d0138a9d39c47255cd3b6b6e32f60de973da54bf85de57e8f0ca8a253bf414697c4b06e887d45dded90485ce6832e7f4
- SSDEEP
  
  1572864:DMKQ/QO4cQ0dPUnqZUPsziv5IANK+4ZYPDHdH/I1z/dHazC:DzXr50lUnqEneWlWYj21zaC
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BgImage.dll
- Size
  
  7KB
- MD5
  
  487368e6fce9ab9c5ea053af0990c5ef
- SHA1
  
  b538e37c87d4b9a7645dcbbd9e93025a31849702
- SHA256
  
  e27efa5dfde875bd6b826fafb4c7698db6b6e30e68715a1c03eb018e3170fc04
- SHA512
  
  bb3ed4c0d17a11365b72653112b48c8c63ab10590dda3dfd90aa453f0d64203000e4571c73998063352240e1671d14da5ee394439899aaa31054fa2e9b722ea7
- SSDEEP
  
  96:8efk1LFJaO1/radJEaYtv1Zs4lkL8y3A2EN8Cmy3uT24j7J3kWyy/:tcTJa2roqJyA2EN8diuTHje
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral7 behavioral8
- Target
  
  BetterDiscord.exe
- Size
  
  112.3MB
- MD5
  
  673c5e8265f3f9c40e2fc8a4b56744e4
- SHA1
  
  5d0b271b850f0cd8e01229b1a72a2c1215bc7956
- SHA256
  
  43894debcd60fed8d64c1a724e60eb860a9d5453b3fc0529ecf9efdbc10a8128
- SHA512
  
  920c25220fe7d0b6b0079f9856d3931c3dcf93c8c6cf74f1ca1b3946a327093b24c03eb726b4344445b4d386847fc67e9dcf8550c20617a79df75b5d9c3e7483
- SSDEEP
  
  1572864:AzeRomoaC09nEiziYtpg0Ymr7owq3Ddn35FZevY4v034WZZB0HDh996O/fJaCJpw:geRomF3o3V/ZevY/CHHd+Iq
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  LICENSES.chromium.html
- Size
  
  5.1MB
- MD5
  
  6b84319ee8a0a0af690273d3d2dcbaf4
- SHA1
  
  857ca353e0582d100dcbc6cb6761bb4430d0cb90
- SHA256
  
  fc2a256467fb4d4ff72be6c423e5961e98b418554deeec296aded0e757b9a585
- SHA512
  
  26f9842bfdb429ef132cc1a930da9187071a339927eda402e8d54b5eb9e03067612cdadc3a2dad3d0977f8e6af18c05eab6ac91720221c6a0104f96638f85a8a
- SSDEEP
  
  24576:yd97B+mnLiLsrDy2VrErjKCqzkU98wwg3QeXuh:0P+mLAqHBCuRoeS
Score

1^/10
behavioral11 behavioral12
- Target
  
  d3dcompiler_47.dll
- Size
  
  3.5MB
- MD5
  
  2f2e363c9a9baa0a9626db374cc4e8a4
- SHA1
  
  17f405e81e5fce4c5a02ca049f7bd48b31674c8f
- SHA256
  
  2630f4188bd2ea5451ca61d83869bf7068a4f0440401c949a9feb9fb476e15df
- SHA512
  
  e668a5d1f5e6f821ebfa0913e201f0dfd8da2f96605701f8db18d14ea4fdeac73aeb9b4fe1f22eaeffcdd1c0f73a6701763727d5b09775666f82b678404e4924
- SSDEEP
  
  49152:sXMoHAsisjBFjJMLhHELxJm8ZU8W/GBj5Z535TMpinAizxkl/cD11bqCG7jHbOkD:srZOb8W/G5hnAizxz7NZy9AG
Score

3^/10
behavioral13 behavioral14
- Target
  
  ffmpeg.dll
- Size
  
  2.5MB
- MD5
  
  d2cc6fc3a7b6c5bcca5fae428fe799e0
- SHA1
  
  89cba6e9195cf95a7aa993d7aaadb331392b3bda
- SHA256
  
  0d4ebdd32f016c6eb203aef4c70ad2f93fa68e5b9e92087a862b21f8133c7319
- SHA512
  
  34f7e6c49ff2a230abc7c5aeeebc5ec628f07170c4638b3bfc5897a645fa5f167c54230373a39021548e0aceba50c35ef730e4ecb454bb4d882df2d699c86736
- SSDEEP
  
  49152:8LmyB/kMqMdqev+YEdOzvKi5rWniVA8IOF:UmI/kMqMdqe9zvKiOL8T
Score

1^/10
behavioral15 behavioral16
- Target
  
  libEGL.dll
- Size
  
  346KB
- MD5
  
  dccd99cb80c5022d4ed21c068d4e4ae5
- SHA1
  
  4fcdc6be313d0e3baa5168a7556df992e3364da4
- SHA256
  
  2166f8830bfbf3d574d7654bd927fe6e05fb74fb05d8e57af59c93090f6bc2a6
- SHA512
  
  02f18a691d85545a0452631b1c1e218aa5853d71937f7ae1d4f3639142399017139c1d9cb81f769754303635ce689605a7fd65765a3d8b4873603ced57925faf
- SSDEEP
  
  6144:DMsJQmSGv9SHEOCK6tNu2JztBwNWqERYRg2Z4uVPZIcwpJAc21Dq2bTm:DmERK6tNVwNWqEnFuVPicAwE
Score

1^/10
behavioral17 behavioral18
- Target
  
  libGLESv2.dll
- Size
  
  6.6MB
- MD5
  
  d36a30ef5726be3e3b3ed3f886a781a8
- SHA1
  
  0a47ed6013866aef030683e0398937013ce7fdf0
- SHA256
  
  3672e62c20b1d253ad642e155ae32ba5c1ca1f2cce37565c71a7d8aad21515dd
- SHA512
  
  8ac4adc7879cc7b0661809394e118220a350c9b8063aadf44fcecd115411fcc040ea73cb1fb2896931c34ec04b6146e5b5f7cda531249698dceb09aa1f9b4078
- SSDEEP
  
  98304:3QCYyoIganb7rvoRVNBlrErukVVraNqk6xjL5V9zEYT/lv3:3QCYyZDnyVfqrukTrBTxR
Score

3^/10
behavioral19 behavioral20
- Target
  
  locales/zh-TW.pak
- Size
  
  88KB
- MD5
  
  d0141fd3e851cdb790549c069a76abcd
- SHA1
  
  3da3787a8ea94aa066c5e5d17e42481330e0caff
- SHA256
  
  8187e67cde3292c6f18ea0a40f8f8d3f2cd604e62feec9ec40c71b5d2bcdec9d
- SHA512
  
  947e19e8fad3a761e5e1d0380547a8f9bc06f28cf8103d80865eb9ced9e3ed3d601bd92710ef1cb9fa68d56eb62ae95c1aad78145d455bcb6dda1b8c280f4162
- SSDEEP
  
  1536:Nx0gkZ46QB0MYZ2wcxAhdmDMQ+23mVcb7/8sfjkMQP1Rh5u/UxLiow5No4V3XiP9:PXkZkaMs2TAhdmSYkg35N/9XiPm45ycd
Score

3^/10
behavioral21 behavioral22
- Target
  
  resources.pak
- Size
  
  4.9MB
- MD5
  
  91f8a4b158df6967163ccbbe765e095a
- SHA1
  
  95db67f0a2352fd898f4a4cfdfc860f6a9c58c87
- SHA256
  
  a30b8269e588c6cc2cea5fd4685da3012fd10451edb59a283005116f8e033182
- SHA512
  
  6450d75d53f24d11e1c1e7e3cacfc57ee9dd09c00ca0dc2ff30f580b59a6b17e7ad7d96682195bd7d806b49068653538c77ca4200491560cecff128a0b012d92
- SSDEEP
  
  98304:L300L4ikWDclBYMiqOs7y33cJIVh1uiUdrwrAUFJ7rK5zkIFvd4XTI:z0Q4ivKYMDJOh8iqkrAUXrK5D
Score

3^/10
behavioral23 behavioral24
- Target
  
  resources/app.asar
- Size
  
  1.1MB
- MD5
  
  f64750a616dcdafc38fa3fdaa966fbc5
- SHA1
  
  358b77012f4a1a9c96f6370d4f7b96ab55e302fa
- SHA256
  
  eaddb78f5f24d73c75e3f016457e79f0c1685d5add4ec5647efdcb3e5841b7b5
- SHA512
  
  46221e0b9c11674847b9de39a23effa339ece2fb15ca6036e1bc4444f0dbe1ad6ded144ed2ae511525034210842614d295f001dab64b360c97fb9e2cf3f9e984
- SSDEEP
  
  12288:yJT2cdLKo/l0xsrDIFpVpZ3uQqPjSFxfPfViQt1YCOx:0T2cdKrlt1js
Score

1^/10
behavioral25 behavioral26
- Target
  
  resources/assets/icon.icns
- Size
  
  46KB
- MD5
  
  8f80ca9ee10705d617566a041ccfe010
- SHA1
  
  531c952d46864e1a295c765e236d31147c5b7dbf
- SHA256
  
  a4dc3ce7a64207d10d15c4c537599f47b4ec1f16b53dbf3a92466d050ed4fcc5
- SHA512
  
  ad1184a361b1645c6ec9be311bedf46f1518060e558da758e01fb56d7668b4b611bb1b320f8664c53958d6192c5f3d16c2f7643c2e99246fc6e1fe41bec72ad3
- SSDEEP
  
  768:DEE/FGBpID9deCikSY4CbB5k1yBte6eLjjuX5V6S/00wnkKhVLXCe6sP:YE/FGBpID9dvhd4C95Ey2HX0N/3mLXGy
Score

3^/10
behavioral27 behavioral28
- Target
  
  resources/assets/icon.ico
- Size
  
  107KB
- MD5
  
  61f2a4a068a4f66d4c9989d877956b58
- SHA1
  
  1e417fd77bcb30540b94b5fdedcdae4ae2432811
- SHA256
  
  72869fefc1e9317c157d7f172affdf426559e84998c2bab7881af0c77516a1d3
- SHA512
  
  3158d5c5769958d18029cdea8998e528b34df231a50d08db660400f90518b4b067464597ab3257f3c0aff5b33ee8817b037a8d724a12ba6af79ce2ee2c340d08
- SSDEEP
  
  768:XQkPg9JLMV7zoEMABueLtlcsM0pzqvjj5T2REe:nobLMV78NxeLr5A5T25
Score

3^/10
behavioral29 behavioral30
- Target
  
  resources/assets/images/background.png
- Size
  
  297B
- MD5
  
  32338b60ff8368fd431b32109eae89d2
- SHA1
  
  7a3a844f2e6371c8f3a08a142e2e792a6e77105a
- SHA256
  
  1d370406c3b0c6bfe109feb76229fd4a0fe1d4171ae2a77655a0fd3264558d2f
- SHA512
  
  be71b3dcc24cea203d59e08d8a4082dcf253eb02a971e67034f8cc0930f6af72830b1e35430cc861c08341082156585adcedcbfc788a83ec35fbd78107e20f2f
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32