General
-
Target
DiscordSetup.exe
-
Size
107.7MB
-
Sample
240522-3g356adb71
-
MD5
19b9a1d84b272a4279ca7ff84ff8ce70
-
SHA1
e5faa0bfdb7ffc5b040fd7525d69ca3fb7e3241d
-
SHA256
b515b5239d471fa26f37e816e7c7d5ed7c578348ffaf61aac2b99b4ccb1c292e
-
SHA512
6906a007940024656cb4f811911c6aac606454b661e91f15d3abc98d4a78622c7c965ccee350c7e6bc8bdd90e1aa819f4c868f9902ae736106e73cd416832ed8
-
SSDEEP
3145728:AvGOQGs9BFKW5NUIxM8hCMrrsLAVWhsiQ:BB7FKW5N4SC6rsAVSsiQ
Malware Config
Targets
-
-
Target
DiscordSetup.exe
-
Size
107.7MB
-
MD5
19b9a1d84b272a4279ca7ff84ff8ce70
-
SHA1
e5faa0bfdb7ffc5b040fd7525d69ca3fb7e3241d
-
SHA256
b515b5239d471fa26f37e816e7c7d5ed7c578348ffaf61aac2b99b4ccb1c292e
-
SHA512
6906a007940024656cb4f811911c6aac606454b661e91f15d3abc98d4a78622c7c965ccee350c7e6bc8bdd90e1aa819f4c868f9902ae736106e73cd416832ed8
-
SSDEEP
3145728:AvGOQGs9BFKW5NUIxM8hCMrrsLAVWhsiQ:BB7FKW5N4SC6rsAVSsiQ
Score7/10-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Adds Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-