discordrat | Injector[.]exe | Triage

Sharing

General

Target

Injector.exe
Size

78KB
MD5

75fd32716d11fac29ee671bf4ee672a5
SHA1

62100e776287165121df72222a2dd868012a97fe
SHA256

1adb49471838431ec8e5ad62abb00c704f32fbac4ee164f4244896e87b9517df
SHA512

7a74e89717ba12f9f9209b2c9200f4dbb8623d6ae6e95abdb7a3020cc87960bde7fa16ccb125797fe41a9c92f3eb665050e534b0c4ae341b9cc1993f5660c581
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+9PIC:5Zv5PDwbjNrmAE+tIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NjU2ODI5ODA3MDQ3NDc4NQ.Gp9PSJ.9XfORrX7Q0UZ0YFEnibKs_j5b6NOcjXXsqTnyA
server_id
1256297785779556363

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Injector.exe

Files

Injector.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ