Behavioral task: behavioral1
Sample: CatWare-Nuker.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: CatWare-Nuker.exe
Resource: win10v2004-20240221-en

General
Target: CatWare-Nuker.exe
Size: 290KB
MD5: 47685feb5e2eeacc958c1efd25633b1a
SHA1: 261cafb2622320dc14dcfefc31481628582518c9
SHA256: 628d9e3a5515899777f9b2ef321673cadf93734a035adf1ffedd94cce3c3a499
SHA512: 887f83ad6444a0b4d6600c27f7db9f4fa60b97362b7ab66ac62e60256b6af2111a67a74e2bf8f638dbd3295b2c18a429e147a4a344a7a7552a6156707ffad9be
SSDEEP: 6144:wv5PDwbBrBIYFOb9cYYXNHqicllitUczh6B9R2d9VxYEls1FjJxqa:wv5b8eCrdVc3iT6o9w

Malware Config
Extracted
discordrat
  discord_token: MTIxMTA5OTM2NzcyMTc5NTYzNA.G70pQ3.qyY48cmh2SJtYIOWlG3foa8Y6OUXwjioSm1FOU
  server_id: 1211092147235987486

Signatures
Discordrat family
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: CatWare-Nuker.exe

Files
CatWare-Nuker.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_NO_SEH
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rsrc Size: 213KB - Virtual size: 213KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ