discordrat | yjnclient-v3[.]exe | Triage

Resubmissions

25-06-2024 14:37

240625-ry7dcsydrk 10

25-06-2024 00:26

240625-arelbstdjr 10

Sharing

General

Target

yjnclient-v3.exe
Size

78KB
MD5

f758d08d23a5ddf8905d5c17084abf07
SHA1

b237a04b0ab5374f41ec90186d1de0250569a82d
SHA256

6624c79c2c07fbcb8d4244fadd4e16ad4c536c187c25acaf3b831fff7cbda3c9
SHA512

7fd582bb2c319d1cd43efa1d01420f2e58378c15542c044b2450da0da0112a55ae98afd52e851da767d487456927556152d3925ef11194c35bb25bcc9b7f747f
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+BAPIC:5Zv5PDwbjNrmAE+OIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NDkyMzczMDE3ODY3NDgwMw.GNKnH3._2hi153EQeLcF4SWSwr0pQuzH__TVonJih1mFM
server_id
1254923576340119644

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

yjnclient-v3.exe

Files

yjnclient-v3.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ