discordrat | Client-built[.]exe | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
MD5

cd4014c7eb128d92d9912e12d4d39a8a
SHA1

e7489ce5b32c002ef638bdeae884322ca1040aca
SHA256

74c8a489fd5f25c492911a489864cbfcec452f6fb58d30aa4d581a41cbcd8e09
SHA512

dbc1cf52e79cf3dc4d24d48bdc76a8e9c637539f3c5a93575990fa582ffd2940472c18d7679f8012b6ea40805b9a980dad66fb2f34a5be58dcb05a298844174f
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+vPIC:5Zv5PDwbjNrmAE+XIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2MzQ3MTY1NDQ3MDY4NDY3Mg.GIArw-.EV9b3dUNyQHg6d4ETU34WCRPf5CRGszy_-3RTQ
server_id
1156550240124534844

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Client-built.exe

Files

Client-built.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ