Overview

overview

7

Static

static

1

DiscordTok....0.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    42s
  • max time network
    51s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/04/2024, 08:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DiscordTokenGrabber-2.0.jar

  • Size

    22KB

  • MD5

    8f2b67a4680fa1047336a9142d1e6dab

  • SHA1

    154fcd179d28f3d31e02f0073b7cb6286ac9f002

  • SHA256

    9313e65552e2d706d9c68c3053acee3462fa646b34ae4ba17d411e2df2a2afb4

  • SHA512

    ce58113a9b2ebdfb5b4af3e504b950f18927127646624b65ac0b47702a6b27e00d8f560cb21c2d552dbe91784b4849cb1a23201b1cd3c75654574714c37271b0

  • SSDEEP

    384:ZteaiIK5zxxuqfWsR81ajY0nkpgX+lc+ztG77uiEomkkCp2S6BqbivnNadLmG:TXijXXfWsu1ajJnVX+lTztG77u0L2S6Q

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\DiscordTokenGrabber-2.0.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:684
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:3656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    575a39fbf4defc0b26a0366b41a9b50c

    SHA1

    55314febc3d8734396bf94cfe15e1ab6defbf08f

    SHA256

    feaada62997742f00f2e312ad268fabeae10528cdaf3133a0538390d843b8755

    SHA512

    2affada4d31eceb4e91e0aadd2051b3275ce31bcc4833e13d949f199304868cca7a081009469c10f40ed5b5ce0708b766efcf585ccbd37033507356dd46cd590

    Download Submit

  • memory/684-10-0x0000021E5E490000-0x0000021E5F490000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/684-13-0x0000021E5CE50000-0x0000021E5CE51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/684-14-0x0000021E5E490000-0x0000021E5F490000-memory.dmp

    Filesize

    16.0MB

    Download