discordrat | Erics Untergang[.]exe | Triage

Sharing

General

Target

Erics Untergang.exe
Size

78KB
MD5

ab433a59759c25b478fc1ec8f7f377a6
SHA1

7b7240713ef5c99efd2441025a62a4ff92e09a33
SHA256

d9cdc51de340cdc2659c255a733ba2e8d5fccacec18d5b9351be5def1a8705ff
SHA512

522c1ab17fff3243da0652fe8fb0f6461366e634d1810a50089ca844405dcd5ba67dbae15ed90d672238c260756e131b3d38444d849b6af3c030d5f49a8f4cd6
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+raPIC:5Zv5PDwbjNrmAE+rGIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIyOTc2OTg1NDUyNTkwMzAyMg.GFYmGD.QDZtMe9MhIoDleU68RmFqXoTfYxCF4KLi9BBHM
server_id
1169727745656365087

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Erics Untergang.exe

Files

Erics Untergang.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ