discordrat | qweqweqweqw-main[.]zip | Triage

Sharing

General

Target

qweqweqweqw-main.zip
Size

28KB
MD5

cb451f6d925879bd293a9a8a786cb732
SHA1

e74f9d8ff3d52b7ac139fd0ced5778523c2597ff
SHA256

a8586827f1bc5d022d82a304a9e91ecddf43c8f304afa92c9834c46ec28b58e0
SHA512

084da8ea565a614ff1c4c46eb74ae1e2453e55ea937949fa44a8f79b1802343fa0f44754c6e96664f4a07345f09af31a320588a9f93553b61b9d2192cae6792b
SSDEEP

768:Or6YJtQIrogIzFapad2F9SCjoQzK9QHLy7PwYpfP6h:6J284w9SCjqPwN

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NjMyMjA1MjI4NjA1ODU4MQ.GXaTOL.L1Bde1kmFmXuyZ3LK4kGy4Ab9YhMt8b3KUVyNU
server_id
1174076539189612677

Signatures

Discordrat family
discordrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/qweqweqweqw-main/Client-built.exe

Files

qweqweqweqw-main.zip
.zip
qweqweqweqw-main/Client-built.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ