discordrat | Client-built[.]exe | Triage

Resubmissions

30-06-2024 15:15

240630-sndtqstanl 10

30-06-2024 07:15

240630-h3hfcsvcjg 10

30-06-2024 07:13

240630-h186asxhnm 10

Sharing

General

Target

Client-built.exe
Size

78KB
MD5

a674af30a8ed7f669965e5eeaa5b8aaa
SHA1

8ab1e0a35d2d5eb213eeeffc8387854abd0d647b
SHA256

a79fd8b409690731c1be00fadb541fefb7d123383f075ffc7683177a144bc588
SHA512

b7237c0c6684639c85210c82c01db36f057bd1955e45d4dfc744383ff6508a2fda5ff8a8d9e5f1f9bcc83d3471a4616c5e3678d44ad391bf044c4081650fd379
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+TPIC:5Zv5PDwbjNrmAE+LIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE5NzM1ODI4Njk0MTQ2MjYwOA.GpuxJo.iqItMI_qllfpR5QRzsh5PTLYeQaqTlW31FzIXY
server_id
1256869981413572658

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Client-built.exe

Files

Client-built.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ