General

  • Target

    Discord.exe

  • Size

    148KB

  • MD5

    93fc7ea878e7064b106d4523933c2af5

  • SHA1

    49606faf1859f5fc620da49462a1454387c23333

  • SHA256

    5c783017b84a20693aea8d02ac1bad7235c063bcec361d38dea45b9ab4be3395

  • SHA512

    ed0e2f31c9849fd8be3d0121410f324a59b90952d3a34f6af56513d9c2840c009ceeb230a21c37eaca7cd7c908ab532eb783d632d711967f74bcedba98339e62

  • SSDEEP

    1536:BPkk7Rb5zBeEbkUmwk8td6k/RuTT5cOIWDn07i1He4p:BFRmEbkUfNj/EmOnDmo7

Score
10/10

Malware Config

Extracted

Family

xworm

C2

country-depend.gl.at.ply.gg:38853

Attributes
  • Install_directory

    %Userprofile%

  • install_file

    discord.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Discord.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

