General
Target: Google Chrome.exe
Size: 492KB
Sample: 240526-byb98aaf93
MD5: d3ebb8649264196a80f589dcf0c97f9b
SHA1: 4bbeef7c604629c5cce710ff78dd1c032dc67fc5
SHA256: 9d0e13b30050899624473e710d44cb372a881a38d2802cc6c0ea2e2f54580689
SHA512: fcb8dd306b96ff2cd6c13cd9dcd70330efd2d2cab63548b1089fa207b0249603b8f45f5f2c50755db2a7d877774a7497c2303fc9ab5150529fcf6a24e7f1f9b6
SSDEEP: 12288:2CQjgAtAHM+vetZxF5EWry8AJGy0khGPyJm:25ZWs+OZVEWry8AFtGPZ
Static task: static1
Behavioral task: behavioral1
Sample: Google Chrome.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: Google Chrome.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted: discordrat
discord_token: MTI0NDA5NTY1ODUwNDM1OTk3Ng.GTDu8V.pnAIDXNTNWIQchltJK15s3stoHuo5RxHsi9AYg
server_id: 1244095541626015796
Targets
Target: Google Chrome.exe
Score: 10/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2