General
-
Target
addon.exe
-
Size
78KB
-
MD5
c9dd1c39262086a465599d62c072e51f
-
SHA1
c6cdf46caf6dd919355bbd3b521fd1ba221d3d2b
-
SHA256
79e9bf7009d97df7ed2e69de1aa6ab4ca5887e300bbf4a2381a38eff4f5e9ebb
-
SHA512
0baf3aaaf40cf0c8341ac9d407b7b8b3f11855c79031f90f632beec3b160e7969ac08e9f97367938539a185987aee3985ad1157095a06d80dd8737f4fb8fdf47
-
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+iPIC:5Zv5PDwbjNrmAE+OIC
Malware Config
Extracted
discordrat
-
discord_token
MTI4MzkwMzM1MjcxOTAxNTk2Ng.GGkiFE.UJeAu2wEPM4KGVLI7BPdjjiBL-EKR92XuDzB5E
-
server_id
1281866805501100106
Signatures
-
Discordrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource addon.exe
Files
-
addon.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ