C:\Users\maxim\Desktop\Discord rat c#\Token grabber\obj\Release\Token grabber.pdb
Static task
static1
General
-
Target
Discord-RAT-2.0-master (1).zip
-
Size
5.4MB
-
MD5
d24f0cce51f4184f0efbaef5e0d553de
-
SHA1
ce1e92edbda5a6fc30c75188e1e432a02ff310c8
-
SHA256
b28af456a2c45c92c03b096fc6fdccbab1a4e964aa7498bd6fe1e29e7f9a0cc5
-
SHA512
01680850994db28ebc11b573fb7c8be9247f7a051a0a8cb70c779639accb29dcbc5446433e8667a714a85cadc709e6e9931c764a46d21171b6be8b64c540ec07
-
SSDEEP
98304:UcHsT5pi2GYyXZeDDTaJQD2Rnz/xtCsn4l4Aqp/3djoapBAgt5TkoapBThyYhpon:VsTvi2GFkH6y2RndtCEAqZlVpB+VpKsw
Malware Config
Signatures
-
Unsigned PE 8 IoCs
Checks for missing Authenticode signature.
resource unpack001/Discord-RAT-2.0-master/Discord rat/Resources/PasswordStealer.dll unpack001/Discord-RAT-2.0-master/Discord rat/Resources/Token grabber.dll unpack001/Discord-RAT-2.0-master/Discord rat/Resources/Webcam.dll unpack001/Discord-RAT-2.0-master/Discord rat/Resources/rootkit.dll unpack001/Discord-RAT-2.0-master/Discord rat/Resources/unrootkit.dll unpack001/Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/net35/dnlib.dll unpack001/Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/net45/dnlib.dll unpack001/Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/netstandard2.0/dnlib.dll
Files
-
Discord-RAT-2.0-master (1).zip.zip
-
Discord-RAT-2.0-master/ConsoleApp1/ConsoleApp1.sln
-
Discord-RAT-2.0-master/ConsoleApp1/ConsoleApp1/App.config
-
Discord-RAT-2.0-master/ConsoleApp1/ConsoleApp1/ConsoleApp1.csproj
-
Discord-RAT-2.0-master/ConsoleApp1/ConsoleApp1/Program.cs.ps1
-
Discord-RAT-2.0-master/ConsoleApp1/ConsoleApp1/Properties/AssemblyInfo.cs
-
Discord-RAT-2.0-master/Discord rat/.vs/Discord rat/v16/.suo
-
Discord-RAT-2.0-master/Discord rat/App.config
-
Discord-RAT-2.0-master/Discord rat/Discord rat.csproj
-
Discord-RAT-2.0-master/Discord rat/Discord rat.sln
-
Discord-RAT-2.0-master/Discord rat/Program.cs.js
-
Discord-RAT-2.0-master/Discord rat/Properties/AssemblyInfo.cs
-
Discord-RAT-2.0-master/Discord rat/Resources/PasswordStealer.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Discord-RAT-2.0-master/Discord rat/Resources/Token grabber.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Discord-RAT-2.0-master/Discord rat/Resources/Webcam.dll.dll windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\maxim\Desktop\Discord rat c#\Webcam\obj\Release\Webcam.pdb
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 872B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Discord-RAT-2.0-master/Discord rat/Resources/rootkit.dll.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
A:\Code\GitHub\r77-rootkit\vs\InstallStager\obj\Release\InstallStager.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 220KB - Virtual size: 220KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Discord-RAT-2.0-master/Discord rat/Resources/unrootkit.dll.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\maxim\Desktop\project windows + android\rootkit\r77-rootkit-master\r77-rootkit-master\vs\InstallStager\obj\Debug\InstallStager.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/.signature.p7s
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/LICENSE.txt
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/dnlib.3.5.0.nupkg.nupkg
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/net35/dnlib.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
/_/src/obj/Release/net35/dnlib.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/net35/dnlib.xml.xml
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/net45/dnlib.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
/_/src/obj/Release/net45/dnlib.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/net45/dnlib.xml.xml
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/netstandard2.0/dnlib.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
/_/src/obj/Release/netstandard2.0/dnlib.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Discord-RAT-2.0-master/Discord rat/packages/dnlib.3.5.0/lib/netstandard2.0/dnlib.xml.xml
-
Discord-RAT-2.0-master/Discord rat/settings.cs.ps1
-
Discord-RAT-2.0-master/README.md