5c32e90bb3d4f2a77deb7a2aad75e515aada16cdeb2114fe5af9e39548b6d51a

Resubmissions

12-02-2024 17:57

240212-wjjqzacd79 7

12-02-2024 17:56

240212-wjcbwsag7t 7

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
12-02-2024 17:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ultimate Discord Nuke/ultimate_discord_nuke.exe
Size

11.5MB
MD5

a86bc9c2f2c363e6a86afb3078c33c68
SHA1

5d416d8945aeaac22c9b58e890114048d85f7f1b
SHA256

a1ea0d96d6ebb8587c2e9a3af50b9b95893229e66dc9038271c19c465e1e4432
SHA512

292650a56747cf252237894f7392d3fa108fc5637f1dbe53e062913e44fd2774c84da2387cfc6e71f479af3b410c1fe83f4694905036d89d41c2b7192a167aa2
SSDEEP

196608:pWIIJi5fmzONYXz5neX38DXDQ9xtbYPvbJQlHHO2SvWssYupK8CKwIwPuHxKTrbf:qJ3p0MDTQ9xkJQlnVMLPuHEz8Ati

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 9 IoCs

Processes:

ultimate_discord_nuke.exe

pid	process
2436	ultimate_discord_nuke.exe
2436	ultimate_discord_nuke.exe
2436	ultimate_discord_nuke.exe
2436	ultimate_discord_nuke.exe
2436	ultimate_discord_nuke.exe
2436	ultimate_discord_nuke.exe
2436	ultimate_discord_nuke.exe
2436	ultimate_discord_nuke.exe
2436	ultimate_discord_nuke.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

ultimate_discord_nuke.exe

description	pid	process	target process
PID 2792 wrote to memory of 2436	2792	ultimate_discord_nuke.exe	ultimate_discord_nuke.exe
PID 2792 wrote to memory of 2436	2792	ultimate_discord_nuke.exe	ultimate_discord_nuke.exe
PID 2792 wrote to memory of 2436	2792	ultimate_discord_nuke.exe	ultimate_discord_nuke.exe
PID 2792 wrote to memory of 2436	2792	ultimate_discord_nuke.exe	ultimate_discord_nuke.exe

C:\Users\Admin\AppData\Local\Temp\Ultimate Discord Nuke\ultimate_discord_nuke.exe
"C:\Users\Admin\AppData\Local\Temp\Ultimate Discord Nuke\ultimate_discord_nuke.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2792

C:\Users\Admin\AppData\Local\Temp\Ultimate Discord Nuke\ultimate_discord_nuke.exe
"C:\Users\Admin\AppData\Local\Temp\Ultimate Discord Nuke\ultimate_discord_nuke.exe"
2⤵
- Loads dropped DLL
PID:2436

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI27922\VCRUNTIME140.dll

Filesize
81KB

MD5
4c360f78de1f5baaa5f110e65fac94b4

SHA1
20a2e66fd577293b33ba1c9d01ef04582deaf3a5

SHA256
ad1b0992b890bfe88ef52d0a830873acc0aecc9bd6e4fc22397dbccf4d2b4e37

SHA512
c6bba093d2e83b178a783d1ddfd1530c3adcb623d299d56db1b94ed34c0447e88930200bf45e5fb961f8fd7ad691310b586a7d754d7a6d7d27d58b74986a4db8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\_ctypes.pyd

Filesize
113KB

MD5
3a2e78784b929003a6baceebdb0efa4d

SHA1
abb48b6a96e22b9bd6d2a8443f5811088c540922

SHA256
f205948b01b29cb244ae09c5b57fd4b6c8f356dfcd2f8cb49e7cfd177a748cf9

SHA512
ad5a9a5143b7e452d92cc7ea5db12967b2073b626be3437d17041d7ae6d82ee24b15d161d2f708639d3bbf8c657202cd845009a219657557203497ea355876ce

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\_socket.pyd

Filesize
67KB

MD5
cea329ce0935e99a8bc01070f07fefaf

SHA1
9d81307e9559d0661633530e5756957b05d84268

SHA256
d1a4d66c557c2fe7dc441614ca62e67f37ec44bef5a762bac41bac15d491a930

SHA512
b6aea9c2221bf35b0895c35942cf3c9613ec7919540b4c24a3b97d7a0846256e9ba654e8f233fadca1b15ff0b7d30d73adfaec85bcadb6100fd73e62d3a068ab

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\_ssl.pyd

Filesize
139KB

MD5
b9ecf769fc63a542a113ca1552dc7a7b

SHA1
04bd2c2f6f3ae7d8d996c0166d98e0d6aae7b514

SHA256
e0bdb16cffc7b5a19c5af22d8a33d3c999d55a3117f2da07ed3171ca9487927e

SHA512
593075258548d3ab125ea2f71822662d5ab19c8e036edaf2b92eb63fe721af09fbeae27fdb36e033f654fb55e78a5922a18d5a527fd1c815f691950ba6adcb85

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\base_library.zip

Filesize
768KB

MD5
2f6f14ba70d0e0b222af71c3b7b051a6

SHA1
196cc7cabac34242b8fe2c6ac654ef5bd53368c2

SHA256
5e831304ea917e4aee85e34ff95f2eb7a96a7404a37eb6f44b7bdac3a1e66fee

SHA512
edea800225e3a8cebe296036931334af1dcd8c6742b8fe7f0b0e2d6be731177297b4e8c4201686c50034d7fef9d84688345993dde4cca17df6290bb1890e0aa2

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\libcrypto-1_1.dll

Filesize
2.1MB

MD5
73def838c090acd4be070c649cbd3bf1

SHA1
3dd16cf7740119e7a1d4f56b4c4934a724682e84

SHA256
52d89fac9e42d87300e1427cb41c331f78a7e488d0cbbed8db4adf9d930c89d1

SHA512
1a1e799cce4986059b53856761810f63829cbc5ead197032ce02e9d3905804d34c8d4d8fcf8a0fe5ac9e5f2f30883f7d4181d0551d4195c2356baf3ff5bd0da8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\libffi-7.dll

Filesize
28KB

MD5
bc20614744ebf4c2b8acd28d1fe54174

SHA1
665c0acc404e13a69800fae94efd69a41bdda901

SHA256
0c7ec6de19c246a23756b8550e6178ac2394b1093e96d0f43789124149486f57

SHA512
0c473e7070c72d85ae098d208b8d128b50574abebba874dda2a7408aea2aabc6c4b9018801416670af91548c471b7dd5a709a7b17e3358b053c37433665d3f6b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\libssl-1_1.dll

Filesize
528KB

MD5
ad77250dbaa7faf0c2c9e13d717faec7

SHA1
d6450be5a28caac59d47ac620cd128febfbf95ab

SHA256
ccba760e6607fb6b08215452a8c0b6f84b2cb13937e86514995e9e86352f487a

SHA512
ae89207cd3831b8d0be8b336a9336b69541d1d86e9b9b331d0a64a5bb97c2c9481e735b72bc958bfdb0458f49311b2bd4fcf6d4ca255b7ef510d02de1573c096

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\python38.dll

Filesize
3.9MB

MD5
7e771d92e814a9fe3520b9f1af6176e0

SHA1
2b1d2fc31fdc2d1940d3835e1e62214414e6cffd

SHA256
54326ecd163c7fffcdd02620490b6bde727c6a3153bff9706cf086510e4aa36d

SHA512
547bdf9048d3b3bc88741ce2307ed4a48b10407d17dbb9f5ba5a727d59d208069abddb90d24b3d4bf0aa5ced2bdcabec3230baf73f2576652035afe5a1297667

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27922\select.pyd

Filesize
23KB

MD5
26bc7e9826bc13a4d0cf681b0e5cf3c8

SHA1
effff42e88cdd66bc4397de1a6d3b5ae540f820b

SHA256
8e7366cf6e128f977f8977a8db45a714ba72e643b31bd26b7676f33d3d8df612

SHA512
16d92785a234e60301aa6c4c5d508bdaff805689d4f160ab3c0c4d0c2376dd3616f676ad2fa81c08ea80e4fb862c3a15e1b59212508dddb388c8a768726b018a

Download Submit