d72f9698b167953faba47d00d817412c212e39d2aca60dff25ec01e98f6081ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

livebot-win32-x64.zip
Size

99.8MB
Sample

240819-bd2pdaycrp
MD5

fe26a833a00fe6d9d6491cb7ceb4164d
SHA1

884577e9a3661e553148e59e794986e17d301173
SHA256

d72f9698b167953faba47d00d817412c212e39d2aca60dff25ec01e98f6081ea
SHA512

0dd301d74eafbcf40a5b43fc8d179185a496f3b5cac282b43d04c7bdd6d366d6baa5be3d366dfbfbeda3f9332b7fec1796b3bce1ffd6498b044fa7cf49d0f803
SSDEEP

1572864:TU+fW+vdU1K3fCPlANltlhicj8C6OIoR+b2JdskI/MkzOaodZ46jOqwc6fgu:A8W+lU1BANjL8C6q+qdskIlzOtmivC

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/builders/dist/index.js
- Size
  
  82KB
- MD5
  
  ff9ca70af7770d46c95f4cef213924c0
- SHA1
  
  ef33f624ba4d53f250f233028485587b15262be5
- SHA256
  
  3d9d34cde8e7c5dd24685d373bb09f564770f01e4175ab4e0546287fd14405ce
- SHA512
  
  9a7a166861a0f0030aca58605056ec1f3fefd6b223be8cf1f065578af3cabff0dc6fc67d92201ddc45c8c3af7c769d1969bab77aaa76837c70bebbe25bd11210
- SSDEEP
  
  768:MYshLtEE4/3sW2QM1mhpatHTHC7FQHF/Si6a2F6oF5FcDnCvTXDsTYMX7Sws7vA+:MYs9HFuXDsTYM8gRDcTX
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/builders/dist/index.mjs
- Size
  
  76KB
- MD5
  
  c53206f4e8eaa22ce149cd12ba724ddf
- SHA1
  
  b4d0631120c1b90d64671b6d22da8442c3b0da7a
- SHA256
  
  2fcfa90f502aa501bd2a7bcb25d9f8cb67876443b5af5a2e8fa65c2c21745364
- SHA512
  
  fc24ba06a6e7cca0e871810a8537945a8905b7ead2632e69c977e499a54640ddb2d7a3556ab288df0647ba3f032fa2d0448d13d50befff8d5cba6d33103c346c
- SSDEEP
  
  768:BYnWiRMVm78wiHX3C7FQHF/SS6a2F6oF5FcDcCvfXDsTYWT7blx7pA7o707A7Ulv:BYDjOXDsTYWJwRDcTe
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/collection/dist/index.js
- Size
  
  17KB
- MD5
  
  5692c5fb166bff4cd6a9dcc25bcf3a15
- SHA1
  
  f6f4be4e7817c3063e88eaa0c2b090653c8034ff
- SHA256
  
  615181497708ec7cbff1667617dd0f19fd201bc6d06489d403eb273f6ff4d4ed
- SHA512
  
  773e035ee945177b9beae647ad6fdc75ace33104f366bb3af803616c8623bffda3e6d5c81d374eddcbf7e06e68cc0420be603bcdc52829b7480dad3cec94cba0
- SSDEEP
  
  384:wYsLH4Ff1q/tqIwP11i9S9ncXTCcXdKZvgZvdcRPxaTT1Ycr6YcIsyOmlTRMDKv5:wYskl1q/tqIwP11i9S9ncXWcXUencIk+
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/collection/dist/index.mjs
- Size
  
  16KB
- MD5
  
  ddcd1861a5ae3647bc3afb0d4ee4ecf7
- SHA1
  
  8921233ca9695459a9de941b2c241acdf4cf350b
- SHA256
  
  55993e204873e6311dffeda9745ef1172204cb6cae301163d82db65e71695849
- SHA512
  
  2959577d0e1ad667460620b5cd5340353338dd1478c5fd59f4a5d01c6c128f9979025ffdf9463ff9c87995bbc307966ca2168081f629a90b838c31870607fd0e
- SSDEEP
  
  384:B8Ff1q/tqIwP11i9S9ncXTCcXdKZvgZvdcRPxaTT1Ycr6YcIsyOmlTRMDKv8XYpm:B8l1q/tqIwP11i9S9ncXWcXUencIkyOv
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/formatters/dist/index.js
- Size
  
  10KB
- MD5
  
  e6986bacc03b37094f52c528448e5a5f
- SHA1
  
  b4aaf51f68196e51bb06c61460cc8dcacfd63ecb
- SHA256
  
  269a6578cdb947461f119b875a078b69052bcff27554997adb9b77e430f0a367
- SHA512
  
  ae9a3be81b7aeedb7df7ee6a4a8855586f2d2511102c3db6257c8132d64bf7f48706936e4bc6f9ea99a9679072595a4e201f5647a0922275b33a88ef138c9c05
- SSDEEP
  
  192:wYl+RmnR4vnu70UgfvSmaLgEdcNf1U4OctxECAeWNJx9FmNLWxsrk1pHeNhAqyj5:wYsdvV9fFlEeB8mNLWxsrGRevAvF+RQ
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/formatters/dist/index.mjs
- Size
  
  8KB
- MD5
  
  f1aadc90c75dcd99467e991bc107b5b5
- SHA1
  
  1deccc66f3fddf08d1dcd046c1a5bef16bc9bf11
- SHA256
  
  d254ac87b482ee09d4af06d5e53f8c4627ee11d7fb2047fa14de696abc18b76c
- SHA512
  
  91b1f84667c029579e089339ec8ac149f88f0d477e90c87e36ad94d5a23ff9cd4c1f50ba34f27a77ea971b4f90d0b71bf32f4d0e083de713979b1465ae7b6904
- SSDEEP
  
  192:BIgfvSmaLgEdcNf1U4OctxECAeWNJx9FmNLWxsrk1pHeNhAqyjdRFMGo:BxfFlEeB8mNLWxsrGRevAvFXo
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/rest/README.md
- Size
  
  3KB
- MD5
  
  6043f2cdf8153b9a6050b8e8f5cc14be
- SHA1
  
  c46d3a768fdd79b48a975fe9fce4b8753c3bd2ee
- SHA256
  
  056da50feeff0ae80927f101fb9f9a9baa7f4a0b48858147af6fd08a470fe9ba
- SHA512
  
  78d7d454cdaa0bd4148c2653eb001509dc06ee9be3be19b30bf46bdcc4d138106ea6651aa06f0599c60bc52bd50f3c482a1ada3498b88f86cbfcbf1bc6ffdc0f
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/rest/dist/index.js
- Size
  
  48KB
- MD5
  
  63135b0ddf6733a7304205164571239f
- SHA1
  
  921818bb2d2a7d46dfe19b5dfe25bb9fb667a6f6
- SHA256
  
  3a6842f36a7f978769d75b3b0e988a28a45deb80938bfccec1f631a7ce07047b
- SHA512
  
  693bcab97696ae96c29be93fd90ee68567a63399553b462448c7a7199ef1c7d93543a0bf0c615b6123b94364b5534731634ebdcf9952ac096144d4bf333c68b3
- SSDEEP
  
  768:MYsrLFP+g5jai6NSa+tVLY5ZIO4mw83GK:MYsnFGGGi6NdIdww82K
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/rest/dist/index.js.map
- Size
  
  101KB
- MD5
  
  74c4bbe2163883a4e395317b1a7193bc
- SHA1
  
  b96a1d13d247c3d95d05bc476b6fcf7b73742ad3
- SHA256
  
  b5f109f987fc7ff3f3ec207fca00394cb882c656285ff1e3a9b4e070691e33b8
- SHA512
  
  65191e0a5b9d7fa3bf15338bbab47e4d4cda329752f8a5c9798943a44896071cb92acfb24cdca513c3c7f36fca07d1eb78e3de399745f78afe4d2c721060d7ae
- SSDEEP
  
  1536:1aLHoa8YJb510xD3NF1vQY68ltbq7Fwvy4pfoPmvl:g1YmY6qt
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/rest/dist/index.mjs
- Size
  
  45KB
- MD5
  
  2cfeed6f238589e07f243a209c69dd60
- SHA1
  
  80830d76d98a112aac03d54b87432f3d0fd43c76
- SHA256
  
  6fbd18d858107969e9f3dd37ecb86f9a30b9e89a8160862b2a87f337891b0d0c
- SHA512
  
  0cfad22cf86f2c415c4aa49650ed90ae82e747e2174f5f4035a9ba9c08e0c528121478b0292049bd6ceb23bb71b8c53e94c34b37f5d46af296777a4fdb76a4b6
- SSDEEP
  
  384:BfD9GhLTmMD1N4AFRsi6NQRsQkxoHEkdmoVWnz/oMA8C1yJ4G7+L/+i+5Zz168Ip:BfBg5hai6NQa+tV65ZIn4Q28cGR
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/rest/dist/index.mjs.map
- Size
  
  101KB
- MD5
  
  64ebc0649ceb450cc19b57f0bca2f4d7
- SHA1
  
  a66e73e968a11c00ac98e603af3d78e30eec4cb7
- SHA256
  
  fdb967e7fb9234c53d8c52041937d6a9519165557f5feac2d951187aeba6a23c
- SHA512
  
  47c2902ef81a9ffe75c951b6d9d826192216d88b721c778777940b07fc6ce362434d90c072deba136f5a87975d7a21a8e276505c99e48cb964987c0e492f9135
- SSDEEP
  
  1536:Zoa8YJb510xD3NF1vQY6qaLNLtBLbxZvg6NfiHXvr:r1YmY61Q
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/util/dist/index.js
- Size
  
  2KB
- MD5
  
  6e695cc563191d71d477fa8b2b3014c3
- SHA1
  
  7dfcc5d295dc876de1eaa7a184fdf3c18fe9dec8
- SHA256
  
  efc93d1cf3765ea692f505ded1b4bdd5d81af080917e8981a2ee2620b134fdb7
- SHA512
  
  143f1566a373860658c9f7aa26a974e91ae50d8d7bad27a099322a68ff608ba1388a317d44af34242cd52ff92e78da0eb4f4945c34b1e6812b27dff85989447d
Score

3^/10

discovery execution
behavioral23 behavioral24
- Target
  
  livebot-win32-x64/resources/app/node_modules/@discordjs/util/dist/index.mjs
- Size
  
  1KB
- MD5
  
  d6158a4dec386aab9eaf6aaa061cff30
- SHA1
  
  18948d36e49f2f34221960bc30409654e50af60a
- SHA256
  
  a4efb63c028b2bc3f63b56705d08f0064f663ed1aeb8f4a3165363824e8fb671
- SHA512
  
  0b42b2ac2db502dc7f8dbcbebf42cbbb1a9c9df1d12f6306dd09664def448c041276c2357ec037cde7158eeab3bc29f69dded7c0e48b658bf19376373cd1d29f
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  livebot-win32-x64/resources/app/node_modules/@electron/get/dist/cjs/Cache.js
- Size
  
  2KB
- MD5
  
  91e1493db5f3972e7899f579be008d21
- SHA1
  
  be0f7743097a2aa08a0ba622b8d2954673538d34
- SHA256
  
  b65dcf5a2665d242b6a933aa3796ecaeb273cbfb354e961d2e76ca09ad019d91
- SHA512
  
  f9136e7e0b06da74cc7cf349223a95bb17626ca730ed87fdf7415dc7ecf8d5157ad51a360eaf46132f3da555ecdeb05123f11cb337a67179498105e40b18b9d4
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  livebot-win32-x64/resources/app/node_modules/@electron/get/dist/cjs/Downloader.js
- Size
  
  115B
- MD5
  
  b52d693cea074f201f265a24ce3180c3
- SHA1
  
  efd6537296452b62aafafaec32ab10e5f2038d4f
- SHA256
  
  f0fd5dcae5a108c91b3a4edb030d7db9fb8f13642a18b366648de48c2b6a8fca
- SHA512
  
  27080695ed370bc0540e6d8198aa855a829ac8a2bff70cb3a4ad05f58490343f6866f202b82569c31fe4de6b2d69a69172f7323f1bc6a37f6bffc6499677a18f
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  livebot-win32-x64/resources/app/node_modules/@electron/get/dist/cjs/GotDownloader.js
- Size
  
  3KB
- MD5
  
  d0e60b280b34ef4403061586c75867cb
- SHA1
  
  37020a73fcd962a60e05f0608f3dc298f7fb47e0
- SHA256
  
  d4078d92d17114c59ec6dfa295827128c8c740f0718795e920acc61bb2ed0f61
- SHA512
  
  75c686c26b82f6cd1cd56570b723e0341a713f54eb3f2adb987b03bf207673a4d37c9aef531ab239903932201465ab95d7e440573130491a014e86de6a05d00f
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

discoveryexecution

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32