discordrat | SolaraBETA[.]exe | Triage

Resubmissions

23-05-2024 16:42

240523-t7qs3shd6s 10

Sharing

General

Target

SolaraBETA.exe
Size

164KB
MD5

ef3211af9aefd0a032cd9fbb3c46d1e2
SHA1

b6e09ec37c2e50aec3e186b4b80696bc5fbdc1ec
SHA256

d0696ae3dfc83c80cdaf0bb50aa0b7ca04c362177c3bb12ab79a355d261c5465
SHA512

fed323033bb2868183eb5770a6ddb1e745db93dca7d23245ad94c32fc7ce223289cad62e48a8674e38e810c52de9eef1993efae2100e13cde0f78d070b0578cd
SSDEEP

3072:2Zv5PDwbjNrmAE+4IjLdGgCvZuT75lTT3MJObhH:Wv5PDwbBrUIjLdvm27wJON

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE5NTg0ODc1MjI0NjgyNTA1Mg.G4P4wp.zMWMnomJQlTXAmzFNKlIfb-ParaaB86MEq0gOY
server_id
1234555349349040179

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

SolaraBETA.exe

Files

SolaraBETA.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ