General
-
Target
message (1).txt
-
Size
8KB
-
Sample
240508-mlafmsgb2t
-
MD5
e2fdc6f284b1e89db643bc6ad0ada0ec
-
SHA1
cc972dc3a3abc14f611d457c9091251f3366afc1
-
SHA256
e15c1ff4c2f72df0d0acee08eaf869badb5d5a377ba64c4a172f060d45ab8585
-
SHA512
0c3f6674d9122eff2f39e4db6f120fa7cb1f41d1f9e871cb2af60a5fdbaddba3e2311393c72ce11c70075678581a1aca0c44a950a5fa92df62dd2ce0c168adc4
-
SSDEEP
192:yYV3EpBHRxTf+cQt8qyt8qTRaS9Rdh7sN6mE2oAoTE2LTs:yzUGK
Static task
static1
Behavioral task
behavioral1
Sample
message (1).js
Resource
win10-20240404-en
Malware Config
Extracted
discordrat
-
discord_token
MTIzNzcwMzYwNDc3MzcxNTk5OA.GpnuZW.icMd9S8Xo3T9RHsU9bXhiKpUJaK62FUGK13WN4
-
server_id
1237709600602722354
Targets
-
-
Target
message (1).txt
-
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-