General
-
Target
VapeV4.exe
-
Size
78KB
-
MD5
17e58ffd0abf9ba7964466584ae46740
-
SHA1
f5ef7335eb376b00537aecaa64dd4dbf729dfb92
-
SHA256
3871e3bef6cdcdb6e4381fce488393c6676d5d0a6f7c603d48fa243e0dab65f3
-
SHA512
8947599992a210c33de623faf09ea5dbfd3b14ac131fa7e6e22a97444f74803a91fb423bc6f7324d2a3b1ac00ba9bb4c1f760be00f156e2c1fc1d4c24f389d4d
-
SSDEEP
1536:N2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+RPIiYd:NZv5PDwbjNrmAE+BIiYd
Malware Config
Extracted
discordrat
-
discord_token
MTE5MDc5OTgzNDc3NzY2OTY1Mg.GRoCmi.Rs68s_ZTOVKiZOfNPPA4GaJlk2URAcKRRkpuaU
-
server_id
1190800178446340146
Signatures
-
Discordrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VapeV4.exe
Files
-
VapeV4.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ