Analysis

  • max time kernel
    1485s
  • max time network
    1501s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240611-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    18-06-2024 21:29

General

  • Target

    Discord Tools beta/Discord Tools/Tools/Discord Spam.py

  • Size

    157B

  • MD5

    40f4fdba2abcc6c2da2e8e86eec75eae

  • SHA1

    6210c29679dee32c14cc480e99083a3d28ebe127

  • SHA256

    8efc99b3cac4aa6eee235fa3b7f5f538e31d4d5c09061ce024aa28337daccc1b

  • SHA512

    25c3284c9f96babe2052ccb0ae09492635d1a1b8129cba76f1ecb06197efe10dadd483cd1b37e9de679e798d25bcd194807de056fa3c51302b6cc9cbcd4e290d

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Discord Tools beta\Discord Tools\Tools\Discord Spam.py"
    1⤵
    • Modifies registry class
    PID:2272
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3568

Network

MITRE ATT&CK Enterprise v15
