General
-
Target
DiscordMulty.rar
-
Size
3.7MB
-
Sample
240802-we61pstdlq
-
MD5
981187d8addde5cbf8186db39a5eb885
-
SHA1
18acf273a86e61b17c6df24ad988182e80541c6a
-
SHA256
46e1081372a9209e9bb11225ecfdcd3d3824a51a568c03763e2c689c4ef3928f
-
SHA512
32606af10a762a7bbb2bbd08def5808dc3817abca24eaee8348cab28c14afd1413339a9ec2adbea75cd242de3d3ae49e3e2cb02ceb782d745013614dbd1ef3ce
-
SSDEEP
49152:Er8nNFEfeAMLxtndQpcR0EyB4afsHnckkTeql5c4rdFLacfgiL0WaLKYmpldw7:/kOVtgcROFU8k0N59rdMVvWKxSdw7
Malware Config
Targets
-
-
Target
DiscordMulty/Colorful.Console.dll
-
Size
88KB
-
MD5
513887befab1824441ab836a1de051e1
-
SHA1
737acdf101b06d4f7528a17a361120898dcbd98d
-
SHA256
6de7e078e24afa66b699c6eaf93988ff44dda8bd062fc11351978ddc5b601899
-
SHA512
35b63292badf4d79375f32c60ae2993b5f3315203cf790bceba0df69bb222a83b5cb1ff55cea30c48345a59b04c17d037580dd7bcd8c5075334f8bdedf640454
-
SSDEEP
1536:3J1J4aE966w/2DtgNpWFbCagAHM9KTC/bu:3C796R/ObCagAs9KTgS
Score1/10 -
-
-
Target
DiscordMulty/DRouter.exe
-
Size
1.9MB
-
MD5
4d978f4a830f374b5867f1ae53b08ffc
-
SHA1
827b301d630a037a6559acc3b63612fded885767
-
SHA256
a881c67a5ad97fed46616a1c219a4c70fffcbe3ec1f0c900747e2ba75131b143
-
SHA512
f9339c421b5a8ee85358d0a4384ef3d203cb68572152f02c9610c4c371091d5c5caed5fde3a3c379ef3feaa2c86cc123e09596fb8862816ea60ae2d78d6a6091
-
SSDEEP
3072:gq6+ouCpk2mpcWJ0r+QNTBfqcm2GvaDE:gldk1cWQRNTBS
Score10/10-
StormKitty
StormKitty is an open source info stealer written in C#.
-
StormKitty payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
-
-
Target
DiscordMulty/lib/Anarchy.dll
-
Size
529KB
-
MD5
8725518ff670fda909532c65e9824844
-
SHA1
92cfacf2ff7d0a746064584d920ab4069bc8d2b2
-
SHA256
560bbd5b4fd7fca4991ed0bf251883d6d9d1023f59cc1ce364923737b96afcf1
-
SHA512
7244bfa09f8fff4f9a73306b1bb13c1751fb973cd163c0848c8fea116bea59f1da7575a5251a4a39b91699c5cac3b2cafd27982c8c3447a6e1587d355068b776
-
SSDEEP
6144:P2Tx1CON752DK3NSJXbCxl+Ij9+V+YviOaAgahp5gRNXT/NUdAMVYrTkTVrPV4:23+LdB+zOpd2Nb2IkQ
Score1/10 -
-
-
Target
DiscordMulty/lib/DSharpPlus.CommandsNext.dll
-
Size
75KB
-
MD5
430949bd7700acf32219c4fa4e40557e
-
SHA1
f7cfa7f941fc00d204623f7396362f90c6eda262
-
SHA256
c86b413716da6dd0a50348a2bd0166b686e6e61361fe16e8396ff92490e592d5
-
SHA512
18ae9b1813b44ccf7644cf21cf4ff157e5e999354f9fc5716ba28300751babff610e5bfccdd1e1deeef0fcb62370bd1bce64e6969b644a3a7200fa870d3c853b
-
SSDEEP
1536:Exeas5/d0n9HhCuY13Yx3Fllya7d4lQy2J0r4cJYY:EY5/sK13YxTlBd4libcJYY
Score1/10 -
-
-
Target
DiscordMulty/lib/DSharpPlus.Interactivity.dll
-
Size
45KB
-
MD5
c71a72037e9e3864409cf7c11a8e0dae
-
SHA1
11db0dc975f2e2f7c3c2340efeb690206efd6524
-
SHA256
b145b8baa88c1858e32be81ac439cc6852baff784a520345623abaf70f310e7c
-
SHA512
fd59ff5036c51493152c4700ed49c98c6633614b4b3aa91c44b9be3dafc6ec1eafd133b535b262245d5bc464b7482088a5d4c312389f5c3aa9df018287f15b44
-
SSDEEP
768:gCLDM0WU1QLLbN+B4dJRxBN/SkYA9x1T2CPiSBUxczMsZv1JzLS1SZu0:rD/ELbgQDS3GTZO+
Score1/10 -
-
-
Target
DiscordMulty/lib/DSharpPlus.dll
-
Size
583KB
-
MD5
6af3eac8e21dca74885ef66a63645b5c
-
SHA1
c869c5a45e5e28740727321d909278ae8d17895f
-
SHA256
ff7127e0d535b02a768f9722852327608e9a6509ad0a767f071c876f3ac66be6
-
SHA512
d2f150e772519a50cb44bcd356c7d93421aa511cde1cd011957ae1fdd33fbd1085a91837eec696f3c08bb2886605ffc43b143904d1ca8162ce1d49d1841e3678
-
SSDEEP
6144:K075oJI9epDhnRplRdUwPbe9RDpDDDAgDDk5uXvnA3QNV2q:K07B9e51fPqpDDDAgDD7cQ3r
Score1/10 -
-
-
Target
DiscordMulty/lib/Discord.REQ.dll
-
Size
73KB
-
MD5
954db55a18c2e6e01b45668a84418346
-
SHA1
d61f6d6139d14290ef6fac35496fcf474887c653
-
SHA256
61cc7051cd1585a15fe544662d17b50b846fdc0cd21c4eb569649c87687cd45e
-
SHA512
03d6b2f6f6716fdf208145b8a83f04e9bec841d5cbfd8239084296870819e3edac7b8cae25d7d1345bfac18ec4de182871e1f5410a0e3753d5478a5285077f42
-
SSDEEP
1536:o4qITAvwWjVxjwYUIUXvir8nh5YKalYGMNpdcZp6XwTO5HVP8GRKhiy6:nAvwWjVx8YUIQRyKalYGMNcj6XwTO5Hj
Score1/10 -
-
-
Target
DiscordMulty/lib/Figgle.dll
-
Size
473KB
-
MD5
7c89d3e9baf0648fb767a70e0eacc35c
-
SHA1
6558308ec9d4be79b001c03030401c0e3c9701bc
-
SHA256
ba6a8965961f80013100f0aa804565edfec035b141cc4484a60b658a1b858dd9
-
SHA512
00b62dea3d4b4dd60ef307121acf1357e418b3de69b85b8ccb0f74dbb28c357a8dd410020ef325dba5c8bab8c2eac41234686a8e4fdee24063734f3f860ee7d2
-
SSDEEP
12288:dwnZ6NqfPaM8r3dFxDxXrxgRX7Jb5oc3Z:SnWqfPaTBDJxgnbJ3Z
Score1/10 -
-
-
Target
DiscordMulty/lib/Leaf.xNet.dll
-
Size
129KB
-
MD5
ea87f37e78fb9af4bf805f6e958f68f4
-
SHA1
89662fed195d7b9d65ab7ba8605a3cd953f2b06a
-
SHA256
de9aea105f31f3541cbc5c460b0160d0689a2872d80748ca1456e6e223f0a4aa
-
SHA512
c56bd03142258c6dcb712d1352d2548a055fbb726ee200949d847cb2d23d9c52442b1435be0df0bf355701a2c1a3c47cd05b96972501f457d2d401501d33d83a
-
SSDEEP
3072:gE3OJDHIfFLlL3pPiqhcLS/oZhttaMBM2cid:gHWZxJiqO
Score1/10 -
-
-
Target
DiscordMulty/lib/Microsoft.Bcl.AsyncInterfaces.dll
-
Size
20KB
-
MD5
1ee251645b8a54a116d6d06c83a2bd85
-
SHA1
5dbf1534ffbff016cc45559eb5eff3dc4252a522
-
SHA256
075ce79e84041137c78885b3738c1b5a03547d0ae2a79916e844196a9d0ec1db
-
SHA512
9f67fd0566eac2da4253d08697daab427e4e85780615d940f086a88424dcbb0563abae7e4824088e64ef7024c1bb3bbf324f2d07bc7ba55f79e4af3c9ea88e97
-
SSDEEP
384:69P2wZOXm7YJVHTe+0VJI0vrdaVemxO/f7vWeq/WIdHRN7bg30uw7lGsV9W+:u2zmYrHCV9cIL6TbtCSW
Score1/10 -
-
-
Target
DiscordMulty/lib/Microsoft.Extensions.DependencyInjection.Abstractions.dll
-
Size
43KB
-
MD5
7a9b8793552ce40160a6d273b22f807e
-
SHA1
1c302ea0a44f517b97af19252140ec710d5d3bfb
-
SHA256
200aba7859ecfb045d43a8e2bf9abce4c929507364b7714388f59affe708fb06
-
SHA512
7d5ea03d5815a6f5705875fe6c2d2179c6ee5468d6b19423f04c8982e64226e656bfd7ccaf7a5756c7046d2e6d2c3504190ba642e02bc197d48dad9320fd6bd5
-
SSDEEP
768:gQnUmCQ0dQ8d2TN7uxgoXvM4s8w0woFY9SP8:MmC3dQ88Tk+8vM2fBO9I8
Score1/10 -
-
-
Target
DiscordMulty/lib/Microsoft.Extensions.DependencyInjection.dll
-
Size
74KB
-
MD5
43976c7dd59919e767527398d3fd7e01
-
SHA1
b7913d30630356b814da0533f126d75e64594849
-
SHA256
c85cf85783322abea6532c10f63f7dd6745398ff875486ab869ee542ee731fea
-
SHA512
dd643dff991338dc85a0dcf36b1a14271986f11cd810b64a1924c1752f141c296cd33e932d66aace26a04ff4168710a44507f95f54c96e00eaedce70d42b67b3
-
SSDEEP
1536:cNOvcLxIFcvKln7wrSWp+1utn7Q3lFkmidDGwlF0TCOjzrT:cD1Is4mSWp+18Q3lFkm4ETCW
Score1/10 -
-
-
Target
DiscordMulty/lib/Newtonsoft.Json.dll
-
Size
683KB
-
MD5
6815034209687816d8cf401877ec8133
-
SHA1
1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
-
SHA256
7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
-
SHA512
3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
-
SSDEEP
12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
Score1/10 -
-
-
Target
DiscordMulty/lib/Polly.dll
-
Size
262KB
-
MD5
b33a87495e57b6ee55bf9668a943b465
-
SHA1
d7864c77b5356bb23a72c56af2efd2ac47478c5a
-
SHA256
12e15418fd0004426ec4280ad31d269ef926b91d58153eea740ce90d6725574a
-
SHA512
c97b305aee8b9f4f7b782b9868f1650b1e56f22b5bb8584f65bc6a310f764c16c9148fe8966a9d3267d5c1f1f9d476f895ca459f1743657dc4541d7a9d6d893e
-
SSDEEP
3072:081atC3DkYDfflmPS2h5AQO6wSZqDpPeFx:0zcgYD1kp5AQOzSZqVG
Score1/10 -
-
-
Target
DiscordMulty/lib/System.Collections.Immutable.dll
-
Size
238KB
-
MD5
aad3b7c5828e16b4c8071e5ad64b3f7d
-
SHA1
a9049b07b9f5c9f4c3da4d4568781ba58564b896
-
SHA256
a8e9ce5d4db1897a939e60860154617300b0dfa4c4d3e10341f21af0de4bbfd5
-
SHA512
5eb044397db450090c41b20b99385c085f5e08d4983bf2bb34f2bf026f6df747b37839ab309846ad1fc1b76519ef77deb28ce4831f8140c9dcdd8fb1700690fb
-
SSDEEP
3072:u80xOpWDN5GznPbTl1kCaHa5OcQ60YEQiZVAaI5SBdGO36m2biZkYAoNliuqxEN1:u85ltaHaIcaCiQ55K7aiZ3AM4ER
Score1/10 -
-
-
Target
DiscordMulty/lib/System.Interactive.Async.dll
-
Size
202KB
-
MD5
dc8ef87098c7d9558bb37d286e845d37
-
SHA1
f825c24e9d87333612ed22da77b64555a338e2ec
-
SHA256
30745f077a2370f0695a1e182850b7e1e756d7c8dc708f3be2ddf4e364187d6f
-
SHA512
7ede988f59464e24c6ef9932926c45c5178f013029439f722c0a2c409cba45c8cfc00e5b7d95df8d633a38e22faf445a1730ca93bc2832875b03912b4040c95b
-
SSDEEP
3072:cZavR4Kcdd0pH24zQLae8b3w3RdY7Obp8LGfYKssY:6avICHnzQ+e2wh8D
Score1/10 -