Discord[.]exe | Triage

Resubmissions

08/04/2024, 11:21

240408-ngfbrsbc3y 9

08/04/2024, 11:17

240408-ndtpzsfg97 9

Sharing

Copy URL Twitter E-mail

General

Target

Discord.exe
Size

34.0MB
MD5

a8fea60f6f5063d7c138e4ad14576d89
SHA1

db8e4a6f1842947bc378ac5011dd78fcb2275511
SHA256

9ff593f005b36394a5d6818ad539c1a735f7b41fae757ef37059cff0485cba1a
SHA512

4f52465df4ffc6631ce24e154a6c31ad7c79f0a39875ed92d789de3c745e32eb6de34098b8a619f500d3a126ccb4d5612e689e6864ad5eb16b97bdc72bf5730f
SSDEEP

786432:4DraRG6lXWOYb4GkHWxifILoZ5EmM7RiQxSk4njm0:3jWlJ+WgICCPSy0

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Discord.exe

Files

Discord.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 289KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 137KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 71.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 33.3MB - Virtual size: 33.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 289KB - Virtual size: 741KB

Size: 137KB - Virtual size: 208KB

Size: 1024B - Virtual size: 10KB

Size: 15KB - Virtual size: 28KB

Size: 512B - Virtual size: 252B

Size: 8KB - Virtual size: 279KB

Size: 1KB - Virtual size: 2KB

.idata Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 280KB - Virtual size: 280KB

.themida Size: - Virtual size: 71.5MB

.boot Size: 33.3MB - Virtual size: 33.3MB

.reloc Size: 16B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 280KB - Virtual size: 280KB

.themida
Size: - Virtual size: 71.5MB

.boot
Size: 33.3MB - Virtual size: 33.3MB

.reloc
Size: 16B - Virtual size: 4KB