discordrat | zip[.]zip | Triage

Resubmissions

25-06-2024 14:50

240625-r7v2payhnn 10

25-06-2024 14:48

240625-r6e9vayhjr 10

25-06-2024 14:40

240625-r18zzayfjm 10

25-06-2024 14:36

240625-ryzzaaydqj 10

25-06-2024 14:34

240625-rxl12avhqa 10

Sharing

General

Target

zip.zip
Size

29KB
MD5

b05c33e2ae171f3931ca355e4820cf62
SHA1

8f4ae9550a75fa1cf46b282b03cdb4f809e4ffc6
SHA256

74b6089379acff9803a37c3b5e8bc86c5877a319c4ced5a714ff9c9c63905188
SHA512

fafa0f20f07d20bf99304a087d27bb478c630f4e74aac8969a150cacb89120a8cdcd726a98110088cd5b8352e56b8afa19811445eb5ce6b9598dacaa5ca79766
SSDEEP

768:f5lz6yZDgr9OtA8dozoBqiqVIte7aKxLe:fd2rqqiqN7aEe

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1MzY2NzkzMTcwMzc0MjQ3NA.Gw8dsn.LeG778rjIzDyfb3CK-K3udb1GPBgWlxFwh_VdU
server_id
1250682422434074634

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/cdumper/compiler.exe

Files

zip.zip
.zip
cdumper/compiler.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cdumper/how to use.txt
cdumper/key.txt
cdumper/misc/settings.txt
cdumper/output/how to use.txt
cdumper/setup.bat