152d2201a88544ba1c2a2e2d7140e8d2b1babb331f711d10e903e722c05cf11b

Sharing

Copy URL

Twitter E-mail

General

Target

Discord-Username-Checker-main.zip
Size

25.4MB
Sample

240611-jj19ssyhnb
MD5

920a1351916cd43151a98ab78088b8d8
SHA1

c93fcb57d09bd67ce39e16972247f5d6ba363b62
SHA256

152d2201a88544ba1c2a2e2d7140e8d2b1babb331f711d10e903e722c05cf11b
SHA512

1659188a171c9a06b3e2607bc2ee16725990c05fc3510b8f98822aa5f0a15fce53ab7c0d1b5d83d58bfc3364e58fbfd1624b628c78e3b31a4c1b1eb1fc975c54
SSDEEP

786432:LD8QQbWu4p2VP+TP1dnSV+e/SJaVPe/p3VL6tJrW:LLKWu4UVGbS/r2fL6tJrW

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  Discord-Username-Checker-main.zip
- Size
  
  25.4MB
- MD5
  
  920a1351916cd43151a98ab78088b8d8
- SHA1
  
  c93fcb57d09bd67ce39e16972247f5d6ba363b62
- SHA256
  
  152d2201a88544ba1c2a2e2d7140e8d2b1babb331f711d10e903e722c05cf11b
- SHA512
  
  1659188a171c9a06b3e2607bc2ee16725990c05fc3510b8f98822aa5f0a15fce53ab7c0d1b5d83d58bfc3364e58fbfd1624b628c78e3b31a4c1b1eb1fc975c54
- SSDEEP
  
  786432:LD8QQbWu4p2VP+TP1dnSV+e/SJaVPe/p3VL6tJrW:LLKWu4UVGbS/r2fL6tJrW
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1
- Target
  
  Discord-Username-Checker-main/LICENSE
- Size
  
  13KB
- MD5
  
  cac9d75c17f9512caee8bce7d77db86e
- SHA1
  
  5e38a206b091f6c079e85cb3dc4c6f968608548d
- SHA256
  
  ae731890ec97fc1e7eb582d23ab81e3dfa01a2097417d00d47dd48339542a4ac
- SHA512
  
  a72d7657dfd16d40fde89ad6c7f036357713c60a91256c70d35c7b0b73605f7539e13867cb8569ae2f22fa39ab741b54c89242ca5e230c4ebdd45abdf0ba7f36
- SSDEEP
  
  192:u1A+wRdskkAMse67RdbQ0iVBJlM/c2B1FHP:oA+OskrW04lMUwv
Score

1^/10
behavioral2
- Target
  
  Discord-Username-Checker-main/README.md
- Size
  
  2KB
- MD5
  
  1ecf8d71aeddc24f7fbdf8819ec298c0
- SHA1
  
  c7b9f3b5ff408508e242213c7816ad665d35be8e
- SHA256
  
  7ded121b33eccfa535e8164b9aa75cc8b8f95a01abc67de79f5a3a1c77743901
- SHA512
  
  c69c4f942ec7948c37516acddfc347fdf7ff0a9dd4ae366ae71d3fbdbe89688136d1d22e4bd7e8a5bbcbb8c87cd3ddee04da7a69445b5a99417b60c683c2f86b
Score

3^/10
behavioral3
- Target
  
  Discord-Username-Checker-main/config.ini
- Size
  
  586B
- MD5
  
  f93bba199e0449e5254b8f3375528f27
- SHA1
  
  faf036a17d25ad9cf59962f031dab90ab0daaaff
- SHA256
  
  419c6e6ed16abbd21a22f8ac2c534fd4117fe5233c358135493d4d5c46c27970
- SHA512
  
  d08fcd5bfb57ccb1f6ddba3b6d0ff9fecf359f78367c3b9cadafa6d86d94c189398b65f34688569e0a16f91eb1c3d26206bb610d89dfee31c46736df75003c42
Score

3^/10
behavioral4
- Target
  
  Discord-Username-Checker-main/dsv.py
- Size
  
  14KB
- MD5
  
  b022137af482840b9fc4a57f2a946da1
- SHA1
  
  18055704ab38ccdff922ae5d332fa7aa8aa2ad63
- SHA256
  
  d62cc03ec22215f600e529291b3e64a4e502b728a8588078cb3a5f0321289e05
- SHA512
  
  a996577e342a5ea04c7ca730217b0db042956b31e9be98a10976835a24526c7624f2324fdc4746e07c5bfef281e6902aa9dbaab63b50907bef8a73ea288c5302
- SSDEEP
  
  384:EYRhQw85UYAy8uJQNrk6/N+L3TngXQMeCkrpN48jR:js5UD29r8WR
Score

3^/10
behavioral5
- Target
  
  Discord-Username-Checker-main/images/1.png
- Size
  
  17KB
- MD5
  
  ac95d5c8baab2812a2e5f5142d1391c6
- SHA1
  
  8d5a2d0ba57d558b64ed5e7c552323231aa9cfb7
- SHA256
  
  5e3af9eea419b7b052dc0d8319925c89a170f3ae4e5565c63feb0c55b5694ef7
- SHA512
  
  907a7d1fe58ee00e3ef1b04b71bbfcb7929877050daf1d0694d42f905044e02963434d54562fef70bf9a288c9bf1dcee61e022030e87154728c70d24ecd485b7
- SSDEEP
  
  384:YZ65RfRRqiNjOPLO636kEg9tj2zkUEPIZwErgdbCUhtQ9A:YuNjOPLO6qkh9MzzKEiXCA
Score

3^/10
behavioral6
- Target
  
  Discord-Username-Checker-main/images/ignore.png
- Size
  
  123KB
- MD5
  
  a9690af1cc44541bf994ac323b3da9e4
- SHA1
  
  440394e920ff70ee946544c38d348cef57b74b18
- SHA256
  
  52ba8ab4f1d01bf68b3c0c97a5483d10d393b169c697f23ed267af048dbb2fbd
- SHA512
  
  345990f6daa9a25ffa63e2cc6e6745cba0590b986b24187a696f075cfb95bfc2f472ed753be7d3378a2f1dd15039d89200c39c2bea64998a16e8c6e2cd6e6270
- SSDEEP
  
  3072:WezFWfbTCJU2iLG6BMGBTQ0/V8HzXSfuT1ABLUS27I:bsfCJU2iJMqTQ0N48Hx
Score

3^/10
behavioral7
- Target
  
  Discord-Username-Checker-main/requirements.txt
- Size
  
  18B
- MD5
  
  c9ae65f47721f7156a4e08aac85ed85c
- SHA1
  
  efe5e708feeceb6875df8593d5ece0086a9924bb
- SHA256
  
  83bf247199156685afb6c959da2302c6a9d33a16c420f67b46ffe0985da4cb05
- SHA512
  
  d1457193cfa802863325b74d1959eadd6879a0094a9c2395bc1c5fc63e43c408264c1c57afb4307e2fe4d402e4fb5f8540afb028e8e567c143e0abfbc5100f4d
Score

3^/10
behavioral8
- Target
  
  Discord-Username-Checker-main/tokens.txt
- Size
  
  1B
- MD5
  
  68b329da9893e34099c7d8ad5cb9c940
- SHA1
  
  adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
- SHA256
  
  01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
- SHA512
  
  be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score

3^/10
behavioral9
- Target
  
  python-3.12.4-amd64.exe
- Size
  
  25.5MB
- MD5
  
  f3df1be26cc7cbd8252ab5632b62d740
- SHA1
  
  3b1f54802b4cb8c02d1eb78fc79f95f91e8e49e4
- SHA256
  
  da5809df5cb05200b3a528a186f39b7d6186376ce051b0a393f1ddf67c995258
- SHA512
  
  2f9a11ffae6d9f1ed76bf816f28812fcba71f87080b0c92e52bfccb46243118c5803a7e25dd78003ca7d66501bfcdce8ff7c691c63c0038b0d409ca3842dcc89
- SSDEEP
  
  786432:zRd0l0X/46+nq1rcVqA5Z2bQcLsv0GlYrJF55e2nRk:L5P46+q1QTILMKB5e2nRk
Score

4^/10

discovery
behavioral10

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Adds Run key to start application

Checks installed software on the system

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10