General
-
Target
image.exe
-
Size
78KB
-
MD5
20040d1c7db4f41b5037e8f72282dad9
-
SHA1
d4a6988687d5b767922964c258257fa806d4464d
-
SHA256
28741c4bc220c52dd24ec45641072ae3fc319586e1c94886850ef0e74ddb95c5
-
SHA512
233883dc0e0a0cc8474ce9c8a6fe5f98b7494f3a406d23ea32c6aca72d402308c8f9e1409af6b4fbaa5e93ac96efe5393fcc9c00e2b45a5c8c897ed403860677
-
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+IPIC:5Zv5PDwbjNrmAE+MIC
Malware Config
Extracted
discordrat
-
discord_token
MTIxMzAyMTg5MDU1MDA0MjY2Ng.GSmB4g.z7mEl4nRyHZl4zLjxgwZ_ERwgZQJEakPOZ1N4I
-
server_id
1213023729379053639
Signatures
-
Discordrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource image.exe
Files
-
image.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ