General
-
Target
prestigev2
-
Size
470KB
-
Sample
240425-3rtz8sgc72
-
MD5
ab5ff00162c761144b4d02486b3c0b08
-
SHA1
102111e6d7cd70274a2b9e5c57d3099ee8f0e79f
-
SHA256
4d12cef8e56f92b53f548491b58deb9e774c3739301b7d21d87d62cf1256831b
-
SHA512
18a2fe795c92d00b0523d460c2f460515d9b39979c694a93f4d47f13f429f518b94db0c39c176d32d1e9ecb84eaa7e33e4d53814b31c8d206296ad9543b696ba
-
SSDEEP
6144:XE+yclwQKjdn+WPtYVJIoBfUuC4jI4eYOywyKQtgKuXQAZKRZS5jMfUoTf:XBdlwHRn+WlYV+934jQYOywjggga2j
Static task
static1
Behavioral task
behavioral1
Sample
prestigev2.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
prestigev2.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
discordrat
-
discord_token
MTIyNzQyMzE4MDEwMTEyNDEyNw.GQOmio.DYcpMY415SdKKyjsQySmQRxNjb4DdWgtJzAzRQ
-
server_id
1233198387088719893
Targets
-
-
Target
prestigev2
-
Score
10/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-