General

  • Target

    DiscordPortable_1.0.9005_Rev_2.paf.exe

  • Size

    94.8MB

  • Sample

    240515-mfqwfadb64

  • MD5

    4189c0344913aa4c2d8b8f0d88d0531b

  • SHA1

    ab5a57290515c60e4fb66a8047b7f8170bf2a406

  • SHA256

    41b7e3de0096edd55d8cd234094d81086f1b498816c19b8b0d73daddffe3e171

  • SHA512

    a7276049784a022798981962d68041f9d48a2e508bd01709839be27c30f50ccbca590818fec3410f1501142c2a72bd41b0695a189425a5196a433fa42e1caf20

  • SSDEEP

    1572864:n+sd6OYd14DCa8N+UQsZ3tmLDZ3JmnZoWOskxUeYQN2/hITTA4pun8IQiUs9ziY0:Vd6714DCBoUPZ3tuRJAmWOIeAh+TA4cq

Score
7/10

Targets

    • Target

      DiscordPortable_1.0.9005_Rev_2.paf.exe

      (size and hashes identical to the General section above)

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      89351a0a6a89519c86c5531e20dab9ea

    • SHA1

      9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00

    • SHA256

      f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277

    • SHA512

      13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08

    • SSDEEP

      384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      bf712f32249029466fa86756f5546950

    • SHA1

      75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    • SHA256

      7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    • SHA512

      13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    • SSDEEP

      192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

    Score
    3/10
