249bdaa4332b3e1a3a2148d4fd587a42bd48615af556d1c72da51c55bb2ca697

Sharing

Copy URL

Twitter E-mail

General

Target

BetterDiscord-Windows.exe
Size

75.1MB
Sample

240629-xp84gstdpc
MD5

43327119366e52928b9aed0c1e734389
SHA1

3777d8387fba8528b6e433a8e763df5dcd542a48
SHA256

249bdaa4332b3e1a3a2148d4fd587a42bd48615af556d1c72da51c55bb2ca697
SHA512

bda75994e6dcf5bc9e5b45d025894d62d0138a9d39c47255cd3b6b6e32f60de973da54bf85de57e8f0ca8a253bf414697c4b06e887d45dded90485ce6832e7f4
SSDEEP

1572864:DMKQ/QO4cQ0dPUnqZUPsziv5IANK+4ZYPDHdH/I1z/dHazC:DzXr50lUnqEneWlWYj21zaC

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  BetterDiscord-Windows.exe
- Size
  
  75.1MB
- MD5
  
  43327119366e52928b9aed0c1e734389
- SHA1
  
  3777d8387fba8528b6e433a8e763df5dcd542a48
- SHA256
  
  249bdaa4332b3e1a3a2148d4fd587a42bd48615af556d1c72da51c55bb2ca697
- SHA512
  
  bda75994e6dcf5bc9e5b45d025894d62d0138a9d39c47255cd3b6b6e32f60de973da54bf85de57e8f0ca8a253bf414697c4b06e887d45dded90485ce6832e7f4
- SSDEEP
  
  1572864:DMKQ/QO4cQ0dPUnqZUPsziv5IANK+4ZYPDHdH/I1z/dHazC:DzXr50lUnqEneWlWYj21zaC
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/splash.bmp
- Size
  
  564KB
- MD5
  
  ab867e66abaad50036f8dca8bcf3b63b
- SHA1
  
  ca0bd657610ce7b5b86514adde57e2b0f18a83b8
- SHA256
  
  c14a86e456f5b9783ed3e2118c9e97de6306fbd2b40cf9cd0dfb821b945c3569
- SHA512
  
  24b122fd7f8a48e03b387308e91ec1ccc6025a44f3e65404a12679ed50ce7633ce9f6c5b86efbc175cbed716478bd015e42711bd0148742f1ddeca5e3dbb1863
- SSDEEP
  
  384:V6sr5D9wQM3Qxu6QejY8RGEHsDf8CdvCdXJWaTlnZIWYvylfQTexJ3:VHNaQM0uhSRGFD0CRe5Wa5OWwBMV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  LICENSE.electron.txt
- Size
  
  1KB
- MD5
  
  4d42118d35941e0f664dddbd83f633c5
- SHA1
  
  2b21ec5f20fe961d15f2b58efb1368e66d202e5c
- SHA256
  
  5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d
- SHA512
  
  3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63
Score

1^/10
behavioral7 behavioral8
- Target
  
  chrome_100_percent.pak
- Size
  
  138KB
- MD5
  
  03aaa4f8525ba4b3e30d2a02cb40ab7a
- SHA1
  
  dd9ae5f8b56d317c71d0a0a738f5d4a320a02085
- SHA256
  
  c3f131faeefab4f506bf61c4b7752a6481f320429731d758ef5413a2f71441f7
- SHA512
  
  c89a1b89b669602ba7c8bf2c004755cac7320189603fecb4f4c5cf7a36db72da651c7b613607146f0c6da9eec5df412c7fba75475352192351c02aebdaa7d9a9
- SSDEEP
  
  3072:igKzw9bpyZFM5fgm32Z8Gb0+VRLf0ld0GY3cQ3F2DExm/KLQ2I:nKzw9ozA4m3m8Gb0OV8ld0GecQ3mExhk
Score

3^/10
behavioral10 behavioral9
- Target
  
  chrome_200_percent.pak
- Size
  
  202KB
- MD5
  
  7d4f330a5443eadf32e041c63e7e70ad
- SHA1
  
  26ce6fb98c0f28f508d7b88cf94a442b81e80c88
- SHA256
  
  b8704be578e7396ee3f2188d0c87d0ede5c5702e9bb8c841b5f8d458abf1356d
- SHA512
  
  f1b9b0dd7396863aa0feca06175b7f9ea0be4122351ecf0a0549ee4c34f85ac8c63cc927d7409a40b6e19fa91d2cb00a145616ba19f47045b2345bfbc2d4802d
- SSDEEP
  
  6144:TDQYaF+9b7zA4m0k5GMRejnbdZnVE6Yopym74:gfs7T6edhVELo374
Score

3^/10
behavioral11 behavioral12
- Target
  
  d3dcompiler_47.dll
- Size
  
  3.5MB
- MD5
  
  2f2e363c9a9baa0a9626db374cc4e8a4
- SHA1
  
  17f405e81e5fce4c5a02ca049f7bd48b31674c8f
- SHA256
  
  2630f4188bd2ea5451ca61d83869bf7068a4f0440401c949a9feb9fb476e15df
- SHA512
  
  e668a5d1f5e6f821ebfa0913e201f0dfd8da2f96605701f8db18d14ea4fdeac73aeb9b4fe1f22eaeffcdd1c0f73a6701763727d5b09775666f82b678404e4924
- SSDEEP
  
  49152:sXMoHAsisjBFjJMLhHELxJm8ZU8W/GBj5Z535TMpinAizxkl/cD11bqCG7jHbOkD:srZOb8W/G5hnAizxz7NZy9AG
Score

3^/10
behavioral13
- Target
  
  ffmpeg.dll
- Size
  
  2.5MB
- MD5
  
  d2cc6fc3a7b6c5bcca5fae428fe799e0
- SHA1
  
  89cba6e9195cf95a7aa993d7aaadb331392b3bda
- SHA256
  
  0d4ebdd32f016c6eb203aef4c70ad2f93fa68e5b9e92087a862b21f8133c7319
- SHA512
  
  34f7e6c49ff2a230abc7c5aeeebc5ec628f07170c4638b3bfc5897a645fa5f167c54230373a39021548e0aceba50c35ef730e4ecb454bb4d882df2d699c86736
- SSDEEP
  
  49152:8LmyB/kMqMdqev+YEdOzvKi5rWniVA8IOF:UmI/kMqMdqe9zvKiOL8T
Score

1^/10
behavioral14 behavioral15
- Target
  
  icudtl.dat
- Size
  
  9.9MB
- MD5
  
  80a7528515595d8b0bf99a477a7eff0d
- SHA1
  
  fde9a195fc5a6a23ec82b8594f958cfcf3159437
- SHA256
  
  6e0b6b0d9e14c905f2278dbf25b7bb58cc0622b7680e3b6ff617a1d42348736b
- SHA512
  
  c8df47a00f7b2472d272a26b3600b7e82be7ca22526d6453901ff06370b3abb66328655868db9d4e0a11dcba02e3788cc4883261fd9a7d3e521577dde1b88459
- SSDEEP
  
  196608:+UGwSv9AAQnt6liXUxR0rHa93WhlU6tcCLhl:+oKlQnAliXUxR0rHa93WhlU6t3Ln
Score

3^/10
behavioral16 behavioral17
- Target
  
  libEGL.dll
- Size
  
  346KB
- MD5
  
  dccd99cb80c5022d4ed21c068d4e4ae5
- SHA1
  
  4fcdc6be313d0e3baa5168a7556df992e3364da4
- SHA256
  
  2166f8830bfbf3d574d7654bd927fe6e05fb74fb05d8e57af59c93090f6bc2a6
- SHA512
  
  02f18a691d85545a0452631b1c1e218aa5853d71937f7ae1d4f3639142399017139c1d9cb81f769754303635ce689605a7fd65765a3d8b4873603ced57925faf
- SSDEEP
  
  6144:DMsJQmSGv9SHEOCK6tNu2JztBwNWqERYRg2Z4uVPZIcwpJAc21Dq2bTm:DmERK6tNVwNWqEnFuVPicAwE
Score

1^/10
behavioral18 behavioral19
- Target
  
  libGLESv2.dll
- Size
  
  6.6MB
- MD5
  
  d36a30ef5726be3e3b3ed3f886a781a8
- SHA1
  
  0a47ed6013866aef030683e0398937013ce7fdf0
- SHA256
  
  3672e62c20b1d253ad642e155ae32ba5c1ca1f2cce37565c71a7d8aad21515dd
- SHA512
  
  8ac4adc7879cc7b0661809394e118220a350c9b8063aadf44fcecd115411fcc040ea73cb1fb2896931c34ec04b6146e5b5f7cda531249698dceb09aa1f9b4078
- SSDEEP
  
  98304:3QCYyoIganb7rvoRVNBlrErukVVraNqk6xjL5V9zEYT/lv3:3QCYyZDnyVfqrukTrBTxR
Score

3^/10
behavioral20 behavioral21
- Target
  
  locales/am.pak
- Size
  
  150KB
- MD5
  
  5c617f3833923fca5717a549fa57adca
- SHA1
  
  0102ac3c8041fab6a1a65a3bcaf7e79c0b7fd719
- SHA256
  
  5f323c0bd185d5bd5f7ea737018f14fd6ea500ba5440bc74f5c09b635518eadc
- SHA512
  
  87034e798355875f3459567ed1f11e5455fc5adc9634eec33e9db2446451febf7f35f617709a9b09bf3bc52f195edea0cb47d474d2c11ca93a8b5383142d45e9
- SSDEEP
  
  3072:nJ1NSM/92t7Rh4rgEkDvuHq/VoZLokijEG/yZJjh6oVjUWRSuo90kef97ZVt1nnu:nzym+u9QfCx30jH8+x
Score

3^/10
behavioral22 behavioral23
- Target
  
  locales/ar.pak
- Size
  
  153KB
- MD5
  
  8f9c8dd93b03202220b5e226c6956025
- SHA1
  
  8290dba9b8dcc89928821ead04f7cf599c0ba557
- SHA256
  
  e7f9a474399c0ca0daf28c6153f6ec7ae87423e66c8ffe0849407471d20b6237
- SHA512
  
  3eb0b80cc7243ed646cfc7be31eb27f0aa15f2aa8a5d2c50c3e5efd8a81759637e3f986c5c294262ff3bc94a939bb3803268b4eda46b3cfe224f596bfb4ed00a
- SSDEEP
  
  3072:91mmOGHNSNRZaJTGxRh+7iMuxHSM2uZtE9yKBZ1F/R2bKSI1+/BI1Iir2L2p:zjOlNRQs+7i0g/BI1Zp
Score

3^/10
behavioral24 behavioral25
- Target
  
  locales/bg.pak
- Size
  
  166KB
- MD5
  
  00d012a55a50bba5de8b2fc2e0d163b2
- SHA1
  
  89163fa9905876167a0c7d3446bcb0bd30f88ef4
- SHA256
  
  bd3a3aacc3cee9864404755eee9542e0f21efbebd4a71e5333d15783d4ce18c9
- SHA512
  
  3bd6c774729f3531d316917deb7d8fe977c5bf5a3e85846f061c4af5fb6c45f79d8a3557a47d4569ad52819b3ccab13d386a9f5c1801e25e969e194a956d40a2
- SSDEEP
  
  3072:P3504qAG1u0PSFq8HyyW4nSpbBqjnUmIKW3RZzrzCLy8Asgiamd3vNgT72eM+sUS:P35vqpTPaTo4njmZzrmLy8ADINW72eMz
Score

3^/10
behavioral26 behavioral27
- Target
  
  locales/bn.pak
- Size
  
  216KB
- MD5
  
  80c804a82c617e7e0fc1e7f0df63290c
- SHA1
  
  a81f3ac6e92785e4c96e7dbd01fca8bfd446071a
- SHA256
  
  b4ed891e8b38452623348da12d325b52407446114cba664a8e25a26a7cfaf773
- SHA512
  
  919856917f185dcaa6204a0b990e49498ef59b72cf93f8b6da44785f4e889b70c0b05300ac15009260ddb36a8d4f06fee5d8c4796e60a43c2957ea436f7316bf
- SSDEEP
  
  768:fPjRXprzuB7CPIqPp2nKEZ3UzKoZ4CfrNuduY0Jri0CI58JRKgqZBiCYWY0PnxRB:fbbNp2KGCDjr58JMgqbxRRImv7hfUHm/
Score

3^/10
behavioral28 behavioral29
- Target
  
  locales/ca.pak
- Size
  
  105KB
- MD5
  
  79ec325651589f138c7840c61316d8f5
- SHA1
  
  37503edcae710e2d61f390064fa2d9893d4b9c8d
- SHA256
  
  9a4e286a58bb9a58e9e30d982783663c9bce40730cb6dad4c37980038040919e
- SHA512
  
  f00a9354871c77947d2b99e83b54babcb46b5a45c24702c1b5f750156abcb2a00d12c6b4c2e15634d4d560de0afa5b9c368d31f08cf447f2209f51c0b8ef6384
- SSDEEP
  
  3072:Em2DPcgrI54tBL8l/oq7O5awat8PU02he8X/FS0bzRhqRRhnAkpxlCEtT3nRA39u:EvPcgkoqO5a78PUzhe8X/80nEznAkpxl
Score

3^/10
behavioral30 behavioral31
- Target
  
  locales/cs.pak
- Size
  
  107KB
- MD5
  
  0325d16a747cca73a3a2b0c94fac123d
- SHA1
  
  e5989627742ecee5f8996001002e97627bfbe10d
- SHA256
  
  c00829fc57c7e1e5419fe3202f114d394a590b8b32b1e55af42772c93755945d
- SHA512
  
  b824297df25c097251432fa72ae1258092e692ff3e4c527599897d7d3e71007cbd80e300de54b87146889f71d537c7d297c1b3cac04b6e08d7ce29132ec9e5dc
- SSDEEP
  
  1536:6G+wdXqt5qYSP7ymjLEwoVD33zSYoYlBw/dhRRkP+8QUQdbiE:JvXPjyfaYl6/P2+8QUQdbd
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32