Overview

overview

7

Static

static

3

DiscordBot...64.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDIR/app-64.7z

windows10-2004-x64

7

resources/...e.json

windows10-2004-x64

3

resources/...ORY.md

windows10-2004-x64

3

resources/...ICENSE

windows10-2004-x64

1

resources/...e.json

windows10-2004-x64

3

resources/...ICENSE

windows10-2004-x64

1

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...ICENSE

windows10-2004-x64

1

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...js.map

windows10-2004-x64

3

resources/...ore.js

windows10-2004-x64

1

resources/...son.js

windows10-2004-x64

1

resources/...ins.js

windows10-2004-x64

1

resources/...dex.js

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$R0/Uninst...nt.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DiscordBotClient-win-x64.exe

  • Size

    82.8MB

  • Sample

    240406-naqtxshf32

  • MD5

    c0c6e2a8c24b785627f24a5b9a99578c

  • SHA1

    24b5e01d0d89325a8287a4da43837a604737633d

  • SHA256

    8dce8bfce44d451beb4680f2f4541e52b3cb3cd96fab52ed346d2fa87d3e6ef4

  • SHA512

    dbd152e9d8e70bc2a7dac06793944f3c1975f558a26387a2d8b510195d87befd6ba7a49132e5517036396b9c4765ce26b77f0dbe9f262bdada375c0e8701f196

  • SSDEEP

    1572864:LOe4hdTkPnN8+cMdbUAgX2+fDV1NzLFcYse11KVBj1mD0h2ZpwR5UQWFHV:LOe4DQ18+lUAE2OJXFxsM12jYD0h2ZcG

Score
7/10

Malware Config

Targets

    • Target

      DiscordBotClient-win-x64.exe

    • Size

      82.8MB

    • MD5

      c0c6e2a8c24b785627f24a5b9a99578c

    • SHA1

      24b5e01d0d89325a8287a4da43837a604737633d

    • SHA256

      8dce8bfce44d451beb4680f2f4541e52b3cb3cd96fab52ed346d2fa87d3e6ef4

    • SHA512

      dbd152e9d8e70bc2a7dac06793944f3c1975f558a26387a2d8b510195d87befd6ba7a49132e5517036396b9c4765ce26b77f0dbe9f262bdada375c0e8701f196

    • SSDEEP

      1572864:LOe4hdTkPnN8+cMdbUAgX2+fDV1NzLFcYse11KVBj1mD0h2ZpwR5UQWFHV:LOe4DQ18+lUAE2OJXFxsM12jYD0h2ZcG

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

    • Target

      $PLUGINSDIR/SpiderBanner.dll

    • Size

      9KB

    • MD5

      17309e33b596ba3a5693b4d3e85cf8d7

    • SHA1

      7d361836cf53df42021c7f2b148aec9458818c01

    • SHA256

      996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

    • SHA512

      1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

    • SSDEEP

      192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY

    Score
    1/10
    behavioral2

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    behavioral3

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    behavioral4

    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    behavioral5

    • Target

      $PLUGINSDIR/app-64.7z

    • Size

      82.3MB

    • MD5

      14143167a396fb42a960c4045ee225b3

    • SHA1

      f3ffb368a5a8f0a959c5cdb09ccad2bf18abcaa4

    • SHA256

      2b7e6b8b81a8b94f25bb626ca026fcbe7cba2ace8dfa3005da5688d40d1646be

    • SHA512

      26429864c2101d1b70256d607471bac96b82e70de57c3a070ae107f61b1485c1d10698ff2fc1cfde5dfe31d9c5c6e23fd9b0e1eddfd5a048ba75831b087b24ab

    • SSDEEP

      1572864:se4hdTkPnN8+cMdbUAgX2+fDV1NzLFcYse11KVBj1mD0h2ZpwR5UQWFHG:se4DQ18+lUAE2OJXFxsM12jYD0h2Zc6k

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral6

    • Target

      resources/app/node_modules/@protobuf-ts/runtime/package.json

    • Size

      994B

    • MD5

      e4010423eba1cf519ef3791d0fb9b1e5

    • SHA1

      fbe83ec8d1b2738bb3ea01ad9b6a7753310ccd2a

    • SHA256

      7fb5af49b52688806ae50763c1b132cdf424a28ac0b8292b9ea78905e9276a52

    • SHA512

      1fcbd1c509f20a54b8bac828e6c507cc231dc26462b1d9778cd4fd39f86f5ddd4ba920d90a2b4c1f829b204ef20f519c5d7f9277a6c458a287bc182eac143cd5

    Score
    3/10
    behavioral7

    • Target

      resources/app/node_modules/accepts/HISTORY.md

    • Size

      4KB

    • MD5

      5577813327e7b93a2e3aed18f3e2833c

    • SHA1

      58be8678425511c7cfa60e0ee0f009740eaa4616

    • SHA256

      ef66fe7e96fee5760f153fc5059124effa5310895b336585e3a80a93c9f2d9be

    • SHA512

      4318e9d590ce10cf62a5218adca86c0fde7eb6afb49212ba6085f9d6bd9bee85294e4e1b1b00a8b80d51771aafd975cb43ce02a8a2d9463d19a47b64336f9078

    • SSDEEP

      96:se/lRUzCazCZ88Yzi0wWtbIRySLH8dzKCwNOJrI+QUVsWm:hcNi8YwdDFC

    Score
    3/10
    behavioral8

    • Target

      resources/app/node_modules/accepts/LICENSE

    • Size

      1KB

    • MD5

      bf1f9ad1e2e1d507aef4883fff7103de

    • SHA1

      f027af3e61af3880fd7f7b8ba9452a85dd215738

    • SHA256

      71f83c4c0621102a56d9853812777b85751bce7e9726f686f5b056c1f8a4b0e6

    • SHA512

      a1a293eb0097fe87875f3bf908cc0b0ee8f15e995c68e984b6a24e247b2e954407d7941ea96abd7fe002a1bdfb713fdfb0d3839d948a334603f05e644829f606

    Score
    1/10
    behavioral9

    • Target

      resources/app/node_modules/accepts/package.json

    • Size

      690B

    • MD5

      3d5bfc661de1adb98c489f5d38943e31

    • SHA1

      d69992aba556425806ad7983c12c51120bd557ee

    • SHA256

      2322f81dd2d758915806721d35db67eacce0aaa1674f0c62637ded84427d6644

    • SHA512

      6e283019d4c29f63d22e152a0f9f748f5edcc083f84921bae897615930760ec40d7f394ad3f69a1c714277671dd39eca9657c2e0b12549b82b625f13f67bac14

    Score
    3/10
    behavioral10

    • Target

      resources/app/node_modules/ajv-formats/LICENSE

    • Size

      1KB

    • MD5

      b070047241b584db26163b1dca5206e0

    • SHA1

      2f569dda4f86ca2c1a061e005cff04a5a92a8e35

    • SHA256

      9df3bb69929a3b650ed73b3bfa1756725aaff0ac296461605753547004eafeaf

    • SHA512

      8fad4fbe3c52ffd605236731f8ed593178bfd4ae84c5fc9771bf96b9819779195e65d1611432dcf6671a110384c0c1dfbc4f43261acadfab48d2bd8374ce8f07

    Score
    1/10
    behavioral11

    • Target

      resources/app/node_modules/ajv-formats/dist/formats.js.map

    • Size

      5KB

    • MD5

      54c34959164d02a2b3c61afba123a0e2

    • SHA1

      b98f8a6213709cf547bb89dec037680e4e658c50

    • SHA256

      166778cb8feec069034babf6e20700d9c92220d04d70b9d2f90cce95de7fae24

    • SHA512

      397910cd3e7226acf887d6503796e9328a0aefdcdc2d65234b69cce92a52b0de3cf6bda47097f48cf4831f0ecda0a12ad9b7780044b6217473991fb2c75f8a43

    • SSDEEP

      96:flmG5tMAYyIP2Re0W/3ECeKJsjQj+nhECehJfii9Ql:flmG5tMArEV1msmfWigw

    Score
    3/10
    behavioral12

    • Target

      resources/app/node_modules/ajv-formats/dist/index.js.map

    • Size

      1KB

    • MD5

      fdaeaa71d94ed99f9c0dfbc2567d21b9

    • SHA1

      556eb14563e46ad8f9d0b5f94335a248fba93aba

    • SHA256

      aaec578d5a2af589e3d726a6383198fa7b116b4e6c41900f4e5fb285bc9f6a67

    • SHA512

      82eb509302ee0dbc6452c12761693571b07a5b5f54c117cf86303bc29d6482f55e8607f214cb0bce2492db62b457eab71cd3af22febf1cd1db63b735d0f8e74b

    Score
    3/10
    behavioral13

    • Target

      resources/app/node_modules/ajv-formats/dist/limit.js.map

    • Size

      2KB

    • MD5

      21e5de3312c8d8c606d70f5e09d41a6f

    • SHA1

      128e8444cd6131ca35395777818261bceb1a1818

    • SHA256

      80835360b0867a81d4761783a4aec70825d658474e57dbd2a740c05d7b607bba

    • SHA512

      8aeb15cd179b62824d29b05988c3241f9fccb8c25ac6920c85d6e10882dbcc2f86d36d6e157ddf32940056d31436b4fd36b7b47adfbc38654af0a5c5c47b40f3

    Score
    3/10
    behavioral14

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/LICENSE

    • Size

      1KB

    • MD5

      5ed8db7ae36f56c8a5cfc218c41ac926

    • SHA1

      fda08a4fdd236fb894524a04071985d19175b87e

    • SHA256

      a05350a88e318e4f5f2c2a1ff1e2e88daa4dd38e6e78b71cccae422bdc762cc3

    • SHA512

      ad750e585e121344bb036cf6fb4c6f7688172f1731cbcb61aa3200f4be1a30b89206aae37c6abb6367529160f0fd1b1391c4d8dfaf3724bd76e210d416bcbe1a

    Score
    1/10
    behavioral15

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/2019.js.map

    • Size

      1KB

    • MD5

      7333a8b82fa8abf91322e48efb5434e4

    • SHA1

      4fd589453f99120389c967aaaf3ba350e99d012e

    • SHA256

      3da8728ea4c042b694e5d9cadc7da88130b1833b69dd86fc838ba17e9faa938a

    • SHA512

      3656bc7df709a35dc269f934535ab7f5d086746a97c1c7b97190603068c5e13e90c5c33c1f738abaee0c3696a8a5b2a8fe90c6b08de3fb5fbf1c3142c72ae10b

    Score
    3/10
    behavioral16

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/2020.js.map

    • Size

      1KB

    • MD5

      1cb5a63d0cfda966685a7ed16f8fb156

    • SHA1

      2aefd7e32441664277e5bf02ccee711ba1e2824f

    • SHA256

      f0c9a8098ab6ce7ddc821747df6626a1524891ef476bef8f4b2e68da4da238f5

    • SHA512

      895fe83912be20ae10fc9d816ea8ab0bf28ffe5127b03fa6af1ff1c14f4fedd69dc1acdfd0cba0deb767ae1aefe8b8ec05aba7c52deeaf1c799cdc592094cea5

    Score
    3/10
    behavioral17

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/ajv.js.map

    • Size

      1KB

    • MD5

      0201fa5ec567a037148b7a9e89fe49e4

    • SHA1

      5b0296d1f510727a0ad8ed85da20262256c755ac

    • SHA256

      c0ecbe7ced4baf3cf689efc62a89c96febdde7a589b6335d8fbbc8b24b5c8ce3

    • SHA512

      20e963f9de51684fd5839d9afd6064a2b1c2599f8189abfb0c729a8012c35a2882ef039810ed29a9d319fca22c371c5048d5550ae29999f3b4647b2c5e5e1776

    Score
    3/10
    behavioral18

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/compile/codegen/code.js.map

    • Size

      5KB

    • MD5

      9db2e293027e4c9644d6b7dfc437c239

    • SHA1

      b1cc4a2da745b9b63b3c97c733ce9a911c127df3

    • SHA256

      9c103d0eedbf2bc6314c7ff9915789b5c7ccaa4fd6b6ad7ec07726275fa08d17

    • SHA512

      c1228b508f1ffb0b336a36e693da49d828d74f1164b1ed8d6b6190313482fd64d741dd49c68eb0dad581334339f200ae45ba7c1bb1301ea5b4af243934d8fcf7

    • SSDEEP

      96:fMHuTTckyAe0e5gdXenpm+j/m/Rh/zECzF/zfA44I1CzOTzl:f3TcnNWqGvznz5z71CzWzl

    Score
    3/10
    behavioral19

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/compile/codegen/index.js.map

    • Size

      23KB

    • MD5

      1bfac810ca30f87777fb05281894a9b4

    • SHA1

      2874ded16ce520c3c8163b499f07dea6893a933a

    • SHA256

      09ff1fca3dded366cf677d63c3381e133ebd12ef4a8df51920ca0425dae96a56

    • SHA512

      7268676e3d2422d61333b7d9384d1b16b17f986983aeb1c04d328cf5302a7d0a7c9a2d873922e2df552f86d087565b6c3f6a23f221444a3242f1968f6ededf1e

    • SSDEEP

      384:fHzXQG1qEiYr6IBWQq1BFaABFyhPZ5J3YBF:/zxqEiYr6IBWQqLrBFyhPZ5J3YBF

    Score
    3/10
    behavioral20

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/compile/codegen/scope.js.map

    • Size

      4KB

    • MD5

      2ea3d5f51617c9b8cd4dddc713e3f712

    • SHA1

      73ca6a5ff29206a25031c154257df7d7f76289c1

    • SHA256

      fb05243422655ff225c98dc2d15c65357b1659fd6a9527166e9d087d3c08a2a4

    • SHA512

      c1c46d6a52a3684671ad8c47ffc30d56f810fd99d581932598153ad219ae8be067ba5a21922b5f7e69a1ba337a3e2bbdc50224c41f0d7e360807baee7a10d569

    • SSDEEP

      96:fn3KwKL/e2/Dma5/RbFXLDeRRMX5Z0EFnm/nCMmH6C:fajLzyaRLyRR65Zevq

    Score
    3/10
    behavioral21

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/compile/errors.js.map

    • Size

      5KB

    • MD5

      0a4bce52a83970e8824db076210d7f8d

    • SHA1

      80aad5c08d80069cffbf1111a402692f1f8c5ea4

    • SHA256

      0a75fda9837be078429d6f2b43f73e42bf57f70e86d23d326f7c7c9cd8ae4416

    • SHA512

      c218021b16edba0fa89b8dab6ebf7f27fa1efbede812de9e70ccacc6c00c01875a1461d1580537aa45c6c8c6816893a6e234adc34d4828d8118d0555fbe07ba5

    • SSDEEP

      96:fC77XRgFvynlvgnSiVE5480hCLWWg3Wj4/uAxku55DYu5wFK01AT7at7mcvtrvFl:fY7XRwvynlvgvVg480hCyWg3k4/uAxkJ

    Score
    3/10
    behavioral22

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/compile/index.js.map

    • Size

      8KB

    • MD5

      401fdfb8038a78b52add74a78f30f385

    • SHA1

      0e3e787d634b0c72bad194bbc398825b3751a0c5

    • SHA256

      06c36fb8eac313b98580c849d6bcbc6f5164a5bd55b4ec8d3024f3f6ee827ef8

    • SHA512

      50efa128603e22c46872961c120cff802b9b801d2ff838f1e079c0b234681c8940c785eea3c3b552b8e2c7ca7ceda95beda12cded8a7b2f2ef1bef831be14166

    • SSDEEP

      96:fhA4vySn4JZT998TUTSjnjLPcuFoAdDo9YrekpT/Hrf42lyzeNfTQUXNHN:f64aIshCU6jLPbiAdk9UpLXlyzCDXNt

    Score
    3/10
    behavioral23

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/compile/jtd/parse.js.map

    • Size

      15KB

    • MD5

      d8e0e7be5cb90dee2b8a474f89d39dcf

    • SHA1

      5a7a6782a978368510facd1996b52fe25a77aba8

    • SHA256

      aef2327bf59b1648325681f2ae487d2f2bc7d6f0ab8d55b007ec7c2fdecf6d89

    • SHA512

      d328691c94acceb777cdd1e7b1e63e7b59d6ae901bf900571718c2305c98494fe48049e8f63dc75b3d9159d9406a9805dd379dc4ea8bcedf02a5b7a143f0a310

    • SSDEEP

      384:fVhE5SpdfSvAAmvHYVdH08OY3SiLW6bl/2jXq8swU80t:Nh8SpdfSvAAmvHYVdH08OY3SiLW6bl/T

    Score
    3/10
    behavioral24

    • Target

      resources/app/node_modules/ajv-formats/node_modules/ajv/dist/jtd.js.map

    • Size

      1KB

    • MD5

      660f2c8d0863e967adc4c3b62bdc7172

    • SHA1

      819b03678cfc7918bfb9934219fc27880e465567

    • SHA256

      3394fb70045b57e995265eb0f605089291f94ae9e2dae189312662bfd55a0d76

    • SHA512

      a2f8538085bc903d5ce2709ae5a54e6ff92de96a805ae0d2e5ecc2541693c9f367bc6b3b90cbf9f9b9639fa9e5a3e54ea4cc5dee5916befe130025631d27c1e4

    Score
    3/10
    behavioral25

    • Target

      resources/app/node_modules/conf/node_modules/ajv/lib/core.ts

    • Size

      29KB

    • MD5

      3ed9576d72c42267043bc805bf7355d2

    • SHA1

      6124b71d20f9b42808ba6371c033f7c8ed2fec43

    • SHA256

      a210705fdbb8a4deddf89a873258f6c0b4e1df3b586e2312c7af50bb18ed5979

    • SHA512

      1714ba877afe92fea92a62b513831ea3471027914a3cfcd16b59244fe33218793514f89eed7cd12ceb4daef7a44f3cc7f127e3263ad72c6e2b59f63081121b83

    • SSDEEP

      768:Q5dEPSSObBy9LBzhfFSpk3K3mww+/bA7xbYv8CuEIJhA7K:Q5d6SSObBy9LBzhfF6kaLZvv8Cuvh/

    Score
    1/10
    behavioral26

    • Target

      resources/app/node_modules/conf/node_modules/ajv/lib/runtime/parseJson.ts

    • Size

      4KB

    • MD5

      9979b2271c7620f5c4b23904f683d350

    • SHA1

      2c90a14958843452967345786c03147f7e82adf9

    • SHA256

      c761939186af5a6b97799d2a52a786d918a53bec4e0d31b7f656d07be12ddaa7

    • SHA512

      b7a53a2c22df21a1c15795e6e57d8fd1589e419f812d8c50ecae68661f588e13f4df956edd8f71ccdd4e35cb8c57c856fb76d68cb4e1e945907bc7cfc16e525d

    • SSDEEP

      96:qMFZsXXnNUM/BeytQ+8k84EiOpvJcEiQruqMvTRF4U8je5juVyN9Nh:bsXXNJBeytQ+TWIQru3X4U8y5ysN9Nh

    Score
    1/10
    behavioral27

    • Target

      resources/app/node_modules/conf/node_modules/ajv/lib/vocabularies/applicator/contains.ts

    • Size

      3KB

    • MD5

      79a3cf0230225538e85350cdc60edbeb

    • SHA1

      18852896f727c2a1f6ad27bb2de7f2c60bc1ded6

    • SHA256

      731c74710381d5484725d7e2bfa97e1f809a495ddae9bd0226a7c91578aeef05

    • SHA512

      24072e8cdb64cd0ba34f4242f218e78ddf17d2f473cab87214d2810773738e17e1e65fa2cb22ecc55aecd5a282a3a64c663a575a022aa46dad80141240b07c29

    Score
    1/10
    behavioral28

    • Target

      resources/app/node_modules/conf/node_modules/ajv/lib/vocabularies/discriminator/index.ts

    • Size

      4KB

    • MD5

      f8a6936a1858df3567e4bf06eec89e29

    • SHA1

      dea165d3dd827da44501c20e4f00c702130346b3

    • SHA256

      14a3893722d04771140d5427f1c26eb546cfbbcb079f1940a2de816c949e4275

    • SHA512

      08b2c35c27e44f3978c38af58f6858942e6240e8d469c071e3a2bed9548f40d8d38bbbaab7994b2bd77cddc1a4f185f52f186f7fd2838f58f12814536dc274d4

    • SSDEEP

      96:cVQ1CECoBRA8K1/kgg0cmPF2CEFLcaLNC+M04gV:9mDrgxUFiLRz548

    Score
    1/10
    behavioral29

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10
    behavioral30

    • Target

      $PLUGINSDIR/nsis7z.dll

    • Size

      424KB

    • MD5

      80e44ce4895304c6a3a831310fbf8cd0

    • SHA1

      36bd49ae21c460be5753a904b4501f1abca53508

    • SHA256

      b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

    • SHA512

      c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

    • SSDEEP

      6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck

    Score
    3/10
    behavioral31

    • Target

      $R0/Uninstall DiscordBotClient.exe

    • Size

      148KB

    • MD5

      ce61fb0923728ff8586e18364fda9faa

    • SHA1

      73ef3df89a62e9e2213aa92137e8754b99220953

    • SHA256

      af91244e18ccba867192ee2cc30976691a47f2d36e0438b91705224d521a93d5

    • SHA512

      6d5331cd622dba3ed644fb2e42a4b2611d5600d0fcf7b9bb7deb025a790ab59edef294212183e1019feca1f342b242c999bc41f0c253622d161e704f4aff5c30

    • SSDEEP

      3072:in77v00hEoDEtauupT4cbKrnrJflaH2tvhOEA1RJCir86SrSrv6Ia38:i740I8scbQrJds2t0EyL+yaM

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral32

MITRE ATT&CK Enterprise v15

Tasks