Analysis
max time kernel: 29s
max time network: 20s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 18-04-2024 19:06
Behavioral task: behavioral1
Sample: StarPredictorV8.exe
Resource: win7-20240221-en (windows7-x64)
2 signatures
150 seconds
Behavioral task: behavioral2
Sample: StarPredictorV8.exe
Resource: win10v2004-20240412-en (windows10-2004-x64)
2 signatures
150 seconds
General
Target: StarPredictorV8.exe
Size: 78KB
MD5: 6853d172cb6541f87621bee250b872e0
SHA1: be9df9068b361b6ec32d4d12f8c45f14753b10e3
SHA256: 37d6d9f29987afae8c860a6f3fdd3645e71654fe56d2765a3d9a9310b24597ad
SHA512: 8348ebd28b9683b39ee49aa67625bbe3f126e6e4454ce391d60de072d21964a51e828059ebb30a769c0da28f003a16d2ac087439f6db4c240d9fa00b126b5c3e
SSDEEP: 1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+hPIC:5Zv5PDwbjNrmAE+xIC
Score: 10/10
Malware Config
Extracted
Family: discordrat
Attributes
discord_token: MTIwMjI5NDQyMDg2NzkxMTc0Mg.G_IGPJ.e5G7ZTy7lxD6XVLCjQSUyIfNknmxDjQfb0El_g
server_id: 1202294602145468516
Signatures
Discord RAT
A RAT written in C# using Discord as a C2.
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2744 wrote to memory of 2596 | 2744 | StarPredictorV8.exe | 28
PID 2744 wrote to memory of 2596 | 2744 | StarPredictorV8.exe | 28
PID 2744 wrote to memory of 2596 | 2744 | StarPredictorV8.exe | 28