discordrat | Doomsday 2[.]0[.]exe | Triage

Sharing

General

Target

Doomsday 2.0.exe
Size

78KB
MD5

db5a4df36bf2c8246c83de8198d38fdd
SHA1

2845da0509b98124763e5d695113d0b2c766446b
SHA256

2d832c588c8c3b04ced93e9d057f78865174b222276d94b344ef9ffb1e395743
SHA512

a6b9361d2cf6a0694a3d9dfcfd152c3e12e17885bf61915f37830bf874ec750bbc3bc498e0f9ca55bda251cec231ea3502e79f93f20f1e10867b913a3ecbc285
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+ZPIC:5Zv5PDwbjNrmAE+pIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI0MDY0NTc2MzY1OTIwNjcyNg.GJlaHg.NUriYPGM5L_GnVLljACN7pxT0nzmvkPLpMp65A
server_id
1232350852556128387

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Doomsday 2.0.exe

Files

Doomsday 2.0.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ