4cfeffc865e99ab59c5c9f7134bcd174cdcecac858d2e23f652be4b789a4605a | Triage

Sharing

General

Target

DiscordSetup.exe
Size

107.6MB
Sample

240808-2f384a1ejm
MD5

0f05e59dd6db6f1f24189531edef2f3c
SHA1

eaee1d510f5f2d680be88cfdaa65e595cf7eaeac
SHA256

4cfeffc865e99ab59c5c9f7134bcd174cdcecac858d2e23f652be4b789a4605a
SHA512

a6711294394ebbd619e0234f57ea74f5b1a26611184d9032f4e6e8622123320f7cd30a1154481574973528a2710010906f7caa09929849bb36195430bc0f1f23
SSDEEP

3145728:Cx7oFqxoWk4AxVYZ8JsACTBEMfTQtFz7ff5JdtO4JmUm:KzGWk4AxVYukQtFz7ff5Jd4WHm

Score

7^/10

discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  DiscordSetup.exe
- Size
  
  107.6MB
- MD5
  
  0f05e59dd6db6f1f24189531edef2f3c
- SHA1
  
  eaee1d510f5f2d680be88cfdaa65e595cf7eaeac
- SHA256
  
  4cfeffc865e99ab59c5c9f7134bcd174cdcecac858d2e23f652be4b789a4605a
- SHA512
  
  a6711294394ebbd619e0234f57ea74f5b1a26611184d9032f4e6e8622123320f7cd30a1154481574973528a2710010906f7caa09929849bb36195430bc0f1f23
- SSDEEP
  
  3145728:Cx7oFqxoWk4AxVYZ8JsACTBEMfTQtFz7ff5JdtO4JmUm:KzGWk4AxVYukQtFz7ff5Jd4WHm
Score

7^/10

discovery persistence spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealer