discordrat | Client-built[.]exe | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
MD5

f42bdf8f20e5255f795c8674660b1726
SHA1

33f091151b0c8fd79a54147745cf31a73fdc5b09
SHA256

29c656fea6ff37a604471ab0ad639c84ee126068e0d35ec08ad4b7d6e10800df
SHA512

348a29e0e4fbd64ac039987d5368e949c033a45ae51165f3f50d1d8189c3b5955d9ccb4fff40427f12771b4584dadc6aa7244e9241a5a76e1584f2442d8b43a2
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+gPIC:5Zv5PDwbjNrmAE+EIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NDQzOTMwMjU1MzkyNzc2MQ.G0gbWG.p0dvgGvhzUkkjFPeMGPUIjn6cnvAGT0-eTUVi4
server_id
539143760898949148

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Client-built.exe

Files

Client-built.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ