General
Target: ggsploit.exe
Size: 78KB
MD5: 63f4d849f06b2d5299132c7a49d9951d
SHA1: 39d400642e22b0b13044a92c52895d879b7130d1
SHA256: ce1fcacce7353155439f4064d90b2c6996be833666a6fc8cb58fcc9874aaa204
SHA512: 63f2ac4eda24973c3a003d30c93debe132be8f357fb1089f5169bd4ef54a0bef7c1794be8f83f4c60f0eb34df797c909f05e692987bd4c7682270d558f69375e
SSDEEP: 1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+LPIC:5Zv5PDwbjNrmAE+jIC
Malware Config
Extracted
discordrat
discord_token: MTI5MDc3NzUxNTM1NDIyNjY5OQ.GRewL1.rZmEWtyFw1xziPUaWh2BVUvRwh05H7FaxQvvbM
server_id: 1290772191046139915
Signatures
Discordrat family
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: ggsploit.exe
Files
ggsploit.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ