discordrat | Client-built[.]exe | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
MD5

dbba5edce277a3ed2bb65920d97fdb13
SHA1

b04d424387a21a353b3ecabc129d36064e65e161
SHA256

507d5b41686e4d676e80bb69b3690cf38f0f4179cb33824a59bb5ec282a96796
SHA512

f67be6f67142696ea250f50df612ce5085540a1006fd76357a097c829c35f53a8f88ee120e71130ed3b6882cf3385ac4f1c5792047aa48aeef228e7aee81320f
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+/PIC:5Zv5PDwbjNrmAE+HIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI0MjUxNjgyNzA2Njg1OTU0MA.GpBygv.dLDaQQjPlN5v8dR8LFLzwhOYpC7MLTkW9l64WE
server_id
1242516115473694791

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Client-built.exe

Files

Client-built.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ