General

  • Target

    DiscordSetup (2).exe

  • Size

    107.8MB

  • Sample

    240427-s714dadc8z

  • MD5

    25beefa29ba8c2053810ec13c28d0e94

  • SHA1

    94fd75a4e59c47df12397b2c1474f385d1ffa680

  • SHA256

    e19e717b5b7bf0130b04878dcef2d332aa1c6fad6407fff65613d76a1d5bd6eb

  • SHA512

    b89795255e0ef5bdf28cc82aeba9feefbc29fe3cf23fe95d31cb36d30474069a81909b518244243d0c13ec897b6b8a085b2e6e03247273e11590abc3dade63ed

  • SSDEEP

    3145728:tBBKIZ3DZM9X5tJHVF/ofuKn077biuvQipWIksKGfg8:jBx3mt5DVF/oHn077b1QiEIkZGo8

Malware Config

Targets

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks