discordrat | Vanta[.]exe | Triage

Sharing

General

Target

Vanta.exe
Size

78KB
MD5

da5a7eb9e117cafa2d9137d1723a33dd
SHA1

e35b1f51e72ef5d2f8290ac7d0ec87cc15235899
SHA256

780815f7b1197e89dd796f625782af49026bc7691fd686eb25f3f9ab2002579a
SHA512

4686f8d49b4ca27c1ca4bccdfaad7c8369e475cdc1b59a9ac5af10dc5382d449c60daa993d9311dd2e70a3ee535449705665699691a3bd8bafd37ebd075fd7af
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+cPIC:5Zv5PDwbjNrmAE+QIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE5NzkyMTQ2MDE3NDQ2NzE1Mg.G10JF-.bNlt2_PKNFUbG2pRSlM23bcrdFtXhvMU_yl7hY
server_id
1052631250457866370

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Vanta.exe

Files

Vanta.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ