General
Target: discord_tool.exe
Size: 18.5MB
Sample: 240227-zpa8kabd7y
MD5: df1a3b9181c940d2aeeedc43997a4d43
SHA1: 58ed3c402f0cf48a52de6aee4607da749d0983c8
SHA256: de52a09d9ec109090b32af3ff15618e6fa80a2413019c82fe9200968c8d3dd3c
SHA512: 883e833ec2c39a9ca2881345bbf6823e3fff8fc6167937c1f16ce59deb2b288d90df3c6f7bf58dce64c398ebfd37275712a665be1cec8451d3cce1b60d9cd224
SSDEEP: 393216:HqPnLFXlrHQ8DOETgs77fGF+gYMvE+58akkfXq:KPLFXNHQhE7h7l+fLi

Behavioral task: behavioral1
Sample: discord_tool.exe
Resource: win10v2004-20240226-en

Behavioral task: behavioral2
Sample: main.pyc
Resource: win10v2004-20240226-en

Malware Config
Targets

Target: discord_tool.exe
Size: 18.5MB
MD5: df1a3b9181c940d2aeeedc43997a4d43
SHA1: 58ed3c402f0cf48a52de6aee4607da749d0983c8
SHA256: de52a09d9ec109090b32af3ff15618e6fa80a2413019c82fe9200968c8d3dd3c
SHA512: 883e833ec2c39a9ca2881345bbf6823e3fff8fc6167937c1f16ce59deb2b288d90df3c6f7bf58dce64c398ebfd37275712a665be1cec8451d3cce1b60d9cd224
SSDEEP: 393216:HqPnLFXlrHQ8DOETgs77fGF+gYMvE+58akkfXq:KPLFXNHQhE7h7l+fLi
Score: 7/10
Loads dropped DLL
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.

Target: main.pyc
Size: 7KB
MD5: b56af112abd2896c9f4e9002f0177a45
SHA1: b1b9776e1ab58bab5585004467495902079bfed5
SHA256: 45eed04e3e91d024054ab356efe5e1024dae9adfd22b87d36b5b4379183e0a6a
SHA512: 0f94f2205ad53bd9d90f5ec2df42ccdb6c6ca626ced86612c666915a624617e47a0dd40148d07c1f38fc27634bd9e1a09ff351c2f15fa829b879db5fc0300fbc
SSDEEP: 192:wuwVLsD8gZeIWdXwklzTmS8JhwbgV+Mdwe2Dnw:CetWukjQ2bS+Pe2Dw
Score: 3/10