d02670382dcd8dfbdecea4daaa264e63db7270f5c1bfd65d00434040c444834f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Discord.exe
Size

57.8MB
Sample

240810-ktvqfasgrr
MD5

6368227471787099ea3674ca96c0f9e1
SHA1

8833a128317e763c449797b07d7e57c7480b1190
SHA256

d02670382dcd8dfbdecea4daaa264e63db7270f5c1bfd65d00434040c444834f
SHA512

f6d984c3d7a780f85679e2ed132f31dafaf1af7add142829ddec9bc275b5ef7d09878140bb9d184641eba54db7ee2d5f17791047fc5b2ee9d4090f3f4a6abe5c
SSDEEP

1572864:ibbaJGgHQuJIe4zoNsaWwVhGRdEmWRgb9luF8o2X0cI:+aRHQuJ6zoSBwaRdEmig7uFsM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Discord.exe
- Size
  
  57.8MB
- MD5
  
  6368227471787099ea3674ca96c0f9e1
- SHA1
  
  8833a128317e763c449797b07d7e57c7480b1190
- SHA256
  
  d02670382dcd8dfbdecea4daaa264e63db7270f5c1bfd65d00434040c444834f
- SHA512
  
  f6d984c3d7a780f85679e2ed132f31dafaf1af7add142829ddec9bc275b5ef7d09878140bb9d184641eba54db7ee2d5f17791047fc5b2ee9d4090f3f4a6abe5c
- SSDEEP
  
  1572864:ibbaJGgHQuJIe4zoNsaWwVhGRdEmWRgb9luF8o2X0cI:+aRHQuJ6zoSBwaRdEmig7uFsM
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1