General

Target: discordpy.exe
Size: 67.4MB
Sample: 240425-hg6aasgf41
MD5: 45f47a5c459a61db665e25156806514a
SHA1: d5dc5bb256a63f88c58b2d9fe12b877589be42e9
SHA256: 8fd185a5499d728eef4cd181477b0720a60c8be143ff2628941bb2a5985b1f73
SHA512: 93470ab27d3d5ce4e90a771639e9df2138bd31155fb71912f45c9541c744186dca6b61769bea1ca12a38d26c4baf2e49f234511928343811b457a9d1a3feba09
SSDEEP: 1572864:vZJH0iAFP/V4f6Gj53ikjt4jRq2GqFOPV5aEm2qHWB75i2Afyo+udKj:it/VG6RmtCRlGPr1m2qHO5i2eyT

Behavioral task: behavioral1
Sample: discordpy.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: discordpy.exe
Resource: win10v2004-20240412-en

Behavioral task: behavioral3
Sample: windef.pyc
Resource: win7-20240215-en

Behavioral task: behavioral4
Sample: windef.pyc
Resource: win10v2004-20240412-en

Malware Config
Targets

Target: discordpy.exe
Score: 7/10
Loads dropped DLL
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.

Target: windef.pyc
Size: 31KB
MD5: 5e70eda0de72c5dbbd5ff6a86e2e7694
SHA1: c3da1694c7d63e4d0050a52e21cf99ec064788c9
SHA256: f1dd109b6bdacf0c70c01c2fd0585d624b4d3d707fd9808ceb620a9e0816ba3c
SHA512: f24b6f4687dc2821a8c070f3f792dc1792b7f418d4a49605143de2a291ad6cd946f7ed5c2769020d382da8c388001438d35afdbc8e7d0b0b5be133e6a4870713
SSDEEP: 768:Fz9pK3NFSYcccA0Wrb/tReEXmbKdCl6Vzl4ST4hTJEn9U:5UDSAn3DXmbVl6du8MJEnu
Score: 3/10