Discord[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Discord.exe
Size

17.5MB
MD5

cad87205ca8e993907d64526f7f8d249
SHA1

45bd2549607cedcff46a3bf8f6328423a659cdf9
SHA256

9400771e11e6bf91b92107165a8a821aa3ca9682e55dd6ff918cf833c591e4a0
SHA512

ba150480081a0632694a2646e5e555ad2eae6126fb3f52a4de98a59ff524cd6b782a5a0149e2f2263008bc9c853aba85ab67eac1c695272e59594317edbdacd8
SSDEEP

393216:+fYN4G4epdAAndXA7ih6fZSwbVuVWF6OQGLvPArGa3:wK4epdFVA+2YmaefPzPUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Discord.exe

Files

Discord.exe
.exe windows:6 windows x64 arch:x64

183375e8d706ec4e371f80e51b561ab7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

listen

crypt32

CertFindCertificateInStore

kernel32

SetThreadGroupAffinity
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetClipboardData

gdi32

DeleteObject

advapi32

OpenProcessToken

ntdll

NtQueryObject

imm32

ImmGetContext

d3dcompiler_47

D3DCompile

dwmapi

DwmGetColorizationColor

shlwapi

PathFileExistsW

d3d11

D3D11CreateDeviceAndSwapChain

Sections

.text
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.\qN
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uR0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.]C7
Size: 17.5MB - Virtual size: 17.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

183375e8d706ec4e371f80e51b561ab7

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

crypt32

kernel32

user32

gdi32

advapi32

ntdll

imm32

d3dcompiler_47

dwmapi

shlwapi

d3d11

Sections

.text Size: - Virtual size: 5.7MB

.rdata Size: - Virtual size: 1.5MB

.data Size: - Virtual size: 20.2MB

.pdata Size: - Virtual size: 271KB

_RDATA Size: - Virtual size: 500B

.\qN Size: - Virtual size: 3.5MB

.uR0 Size: 4KB - Virtual size: 4KB

.]C7 Size: 17.5MB - Virtual size: 17.5MB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 5.7MB

.rdata
Size: - Virtual size: 1.5MB

.data
Size: - Virtual size: 20.2MB

.pdata
Size: - Virtual size: 271KB

_RDATA
Size: - Virtual size: 500B

.\qN
Size: - Virtual size: 3.5MB

.uR0
Size: 4KB - Virtual size: 4KB

.]C7
Size: 17.5MB - Virtual size: 17.5MB

.rsrc
Size: 512B - Virtual size: 480B