discordrat | Client-built[.]exe | Triage

Resubmissions

12-02-2024 20:17

240212-y2s4gadc25 10

Sharing

General

Target

Client-built.exe
Size

78KB
MD5

ff6a69da66279079f616d3de7c85e04f
SHA1

4f25bae01e4e95e4a516dedda9e8351930bd3b41
SHA256

a9945e18c80f96c0100dfe934cfbf098be9de16a673046cf51862b7f1bdb67df
SHA512

ff77dc95866b1a30ebc6b99e09e176eea68e3e1c4be9f15f91b85a28957f33a3f18e07a8e5709a9197df0f2b5c215b5ad4a643b512edafc7fb2d1e6dc1b9600f
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+SPIC:5Zv5PDwbjNrmAE+eIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE4NDI4NTU1MjI4ODIxNTA4MA.Gdwwf7.J-dwnxzsBWgU48NJFl8MmpdnNK_FLTqDZU_oPU
server_id
1181656907304407141

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Client-built.exe

Files

Client-built.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ