discordrat | Client-built[.]exe | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
MD5

ae560a3a3e5faa61ac1a530484ed63be
SHA1

3fb1f101f9a3c1db81c798071c3e0b274930d17c
SHA256

138dc31c3b2f0952e7558132af34e1a18eb99317ca5b5c256e4289f103071d10
SHA512

8c48d3813635ee21da3352054bd6eea716aaff282fc9bdb5724c480df011ef4e1928bcecc3311fc73b4346a976a127311339e62d11a3776f642456f94bc142a5
SSDEEP

1536:W2WjO8XeEXFd5P7v88wbjNrfxCXhRoKV6+V+hPIC:WZD5PDwbjNrmAE+xIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI0NzMwOTE4OTE1NjQzODE3OA.GZdSBx.JPFQ_kAdsV-tBe_H4agZkSRr3G9E_E7aO6EPiM
server_id
https://discord.com/oauth2/authorize?client_id=1247309189156438178&permissions=8&scope=bot

Signatures

Discordrat family
discordrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Client-built.exe

Files

Client-built.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ