General
-
Target
DiscordPortable_1.0.9005_Rev_2.paf.exe
-
Size
94.8MB
-
Sample
240515-mfqwfadb64
-
MD5
4189c0344913aa4c2d8b8f0d88d0531b
-
SHA1
ab5a57290515c60e4fb66a8047b7f8170bf2a406
-
SHA256
41b7e3de0096edd55d8cd234094d81086f1b498816c19b8b0d73daddffe3e171
-
SHA512
a7276049784a022798981962d68041f9d48a2e508bd01709839be27c30f50ccbca590818fec3410f1501142c2a72bd41b0695a189425a5196a433fa42e1caf20
-
SSDEEP
1572864:n+sd6OYd14DCa8N+UQsZ3tmLDZ3JmnZoWOskxUeYQN2/hITTA4pun8IQiUs9ziY0:Vd6714DCBoUPZ3tuRJAmWOIeAh+TA4cq
Static task
static1
Behavioral task
behavioral1
Sample
DiscordPortable_1.0.9005_Rev_2.paf.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
DiscordPortable_1.0.9005_Rev_2.paf.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240419-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
DiscordPortable_1.0.9005_Rev_2.paf.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
15KB
-
MD5
89351a0a6a89519c86c5531e20dab9ea
-
SHA1
9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00
-
SHA256
f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277
-
SHA512
13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08
-
SSDEEP
384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0
Score 3/10
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
bf712f32249029466fa86756f5546950
-
SHA1
75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
-
SHA256
7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
-
SHA512
13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
-
SSDEEP
192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score 3/10