discordrat | DownloadPacks[.]exe | Triage

Sharing

General

Target

DownloadPacks.exe
Size

78KB
MD5

6d00e8dcaba56aa8abb241fbe301ed97
SHA1

77875c8353e932f89a76374ce820c78661fa821a
SHA256

11ff07465b50ef7cb14a792609a3b7ed5e22a2b763a0cb9634e333ed71f23eda
SHA512

eeefa2bcf8f9948b11a0f192322636bedf5fcd78c167b9325a3b11ba36fc073537c296005081b8977756310f73394592ae30e46d5dfd9874fdbc7e095dcc9814
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+ePIC:5Zv5PDwbjNrmAE+aIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI0NTQ1NjE5NTk2MDA0NTU4OQ.GXIGaB.cckR8NMonbSMm8aKqx-PQubEd59jtvADxsm6P4
server_id
1245410495406674023

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

DownloadPacks.exe

Files

DownloadPacks.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ