General

  • Target

    Vape.rar

  • Size

    2.5MB

  • Sample

    241013-kjhm5asall

  • MD5

    9fd38e9ca6c7d97e0a832be735a7fb62

  • SHA1

    a747808211ec504e8f2dc49705c982bbcbe8e2bf

  • SHA256

    d3c9145e5d415f26bee532866228c2f8a2dd1256af7efa14682b4f91afbcb2ed

  • SHA512

    90743009b547cf9a34434bcb4b9b0e91ae8d0779f4ac17166d9fbd45cdc36dc63f242de73ce55bc45b555a3be4d9ff540fd06d91e477c7324fdfdff2eb625b73

  • SSDEEP

    49152:hAkDmbVCDJja0U9BhgxY0WDJ7flPzqmfd57:hEbVsJYrDJ7gmz

Score
10/10

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTI5Mjk3NzAzNDk0MzAwODg5MA.GUtIvD.vaGauQAWYFeLWJRnUaocQs4q3Ztcew_JgOoy8U

  • server_id

    1292965909807501376

Targets

    • Target

      vape/Plugins/User_Login.dll

    • Size

      16KB

    • MD5

      b5c01c4fac2d7ae45751adc27f54baf6

    • SHA1

      14dbbcee9b3e1af22a7398bd872adbeb5117e288

    • SHA256

      7c2ac23d3dd3321db0394894709cc41fbfc38737c76d1a67dc0776c1a1e5eda8

    • SHA512

      83e6184473a7d070d0b97c89154c17b2312d1d595cfd80d305533edf8b6273d94fea8bf20c375cf98fc9145b18990c6827adead09e966556d41481a84e9feb34

    • SSDEEP

      192:Ou3swS+adHkKOqZjKLDjZ14BJGj6waP+gUB/SWIeOhODZW6KSRwzNoL:dsVvdHJZGLD91GIyAa9OXLrL

    Score
    1/10
    • Target

      vape/bin/Microsoft.AspNetCore.Hosting.Abstractions.dll

    • Size

      22KB

    • MD5

      14a7a2b79865de5c273b13583bf49763

    • SHA1

      34b5d578bd1c1fb0fd29adbaf8e270909a803cfb

    • SHA256

      e15127aff5576b0c5c84b8e716bf3ab7c5c0e5f17764b6fad45e88e781810284

    • SHA512

      fa3e7550887133551094548d4e089b219f9dcd4ff07d3c9298ca85b1be8ed3004a7643e03d1293d1a378345d40ed86ff7b44036b2b7b1d2d42a7deb7baaddad2

    • SSDEEP

      384:l+MB5Y53KF5Jilg6FJMzzWcaoWXc4HRN7XwTTXZlOYl:ldLEowpMEdBAX

    Score
    1/10
    • Target

      vape/bin/Microsoft.AspNetCore.Hosting.Server.Abstractions.dll

    • Size

      14KB

    • MD5

      4d9d797c82b0af93625718ca9012c17a

    • SHA1

      910eee42753057e3e1849391e5fd4746c1f876b3

    • SHA256

      dc55b200190e101780720ea8c8d3b53f2b5653ebe6f0e0676f1b64595ba9d132

    • SHA512

      3c812b52c00e8771849d991f8a518a0af4ad3b52332c86078a3de08077625784804ff0fd95bf568743f06cd4b26ec3b7634eb02b1aefa2394a8dfcd21dd4c369

    • SSDEEP

      192:RaH+I0E34OcCA8zWh6LWTWv14UgLaDyuHnhWgN7aMW2aoinEqnajxFiIi:c0W4OcD8zWh6LW+c4HRN7B+ElbiIi

    Score
    1/10
    • Target

      vape/bin/Microsoft.AspNetCore.Http.Abstractions.dll

    • Size

      74KB

    • MD5

      4106a161bdbce068267e9054fd907a85

    • SHA1

      0b5679b632122a75f91f151cf88d63f672875bee

    • SHA256

      a852a628dafd880662671395bcb2417cc86429f0f2d46bd8f357c7875862a615

    • SHA512

      731f1998717aa3f156033b7c2d711f4609200c1bfdb24902ed366cee2808675caa8c1aa8d3687e5ae0126b136f02bf9bddfd2ce9bdf462fb630d5d7f087d1092

    • SSDEEP

      768:1HJj7a0NlrIJPBeVS6E6CT092chLRwdqTRESvSiBk5mfS8k8+QHBZ3:1HJHa0NlAeVdSYhIqTySXBk5n8qQHBZ3

    Score
    1/10
    • Target

      vape/bin/Microsoft.AspNetCore.Http.Features.dll

    • Size

      31KB

    • MD5

      2cc772c2e93d19e28098e17a6a6eb03d

    • SHA1

      790b8f91cf0688b92152112305b9c076ccb7d889

    • SHA256

      276c50519e010fab6cad092f192e470d07e44c633399a4bbe9303d9c9aed0a98

    • SHA512

      980eac653eaf674310b9ce543bfc967deca56b3ed47b917e4916e7a7eed13584e05deaa5639c2f3eb6e0671c2795e6948d1a22adca1d8aaecbe77696aa2088a3

    • SSDEEP

      384:T3IDcGf5H2ZZ6X8P1Z4MPbguVJNMU0Ecd1z2jzJNStRm2ioTTNzMSbWlzWX+VkWY:bIDcUH2ZRXPsaS3JiANzzbWzIBNnD

    Score
    1/10
    • Target

      vape/bin/Microsoft.AspNetCore.WebUtilities.dll

    • Size

      64KB

    • MD5

      0d65948a9719aa94218b0012409c3398

    • SHA1

      92deee204350c7c029f59054b115cbed8ffdf1e6

    • SHA256

      0f96a425e05decd3484eecc05f1957ef39768dfb1ce2e4cac9e10ac30361aa8a

    • SHA512

      8438ceeb545f80709594eb32219961e5d13d830ddf7c391866e7e27431fb0658be0a24653f47c8311ad451c365984ecf8ed9b88e963283e8a99b9fe5a637486a

    • SSDEEP

      1536:PX9wrSVM+ZPyr7gyT8vPuEq3W13uX9/H2IDOpC8WiVkxO7Bx:PnVvesHPuEqiuX9/H2IypCRVw

    Score
    1/10
    • Target

      vape/bin/Microsoft.Bcl.AsyncInterfaces.dll

    • Size

      14KB

    • MD5

      2d270ddbca547ab26b5be6e16e4825d7

    • SHA1

      206852b9b8a1a26524446b6b8b820890885fca03

    • SHA256

      3815a1da8afeda653a7a5c2a3df98bef61416552a5d96cd32782ff22b29e5cce

    • SHA512

      17cfcacc46234cd4f232f03cb06c5febe34eecc26e1678d052f6538b4c123962a6bcb5ad633f473fc434d5e49aad8d6ee14a747c9708c5640513116367cfbff1

    • SSDEEP

      192:9YJuPEO07xuWepAoWvW65FdQHnhWgN7aQWCGw4ZLqnajVxyA/ZYY:6k8O070WepAoWpQHRN7nGw6lxA0ZT

    Score
    1/10
    • Target

      vape/bin/Microsoft.CodeAnalysis.CSharp.Scripting.dll

    • Size

      33KB

    • MD5

      9e5aea215020f18eaf6e471263068b45

    • SHA1

      ff682acb24fda2ae209f71616d5ecae176a0903b

    • SHA256

      6901e38a320e28d111e1ba0f2229659ac9bac78cdc08267a56b17c22ec7e15f1

    • SHA512

      7b3ec0700bbfe7f6726a3a66d408fa2dffa0034cf2a2d2a6ba04577bf93aded90b0274ec42affafc24b5512cde979834a287dcdfff08164729dd94fb0c34e2a9

    • SSDEEP

      384:E7YKOjMGJxWGGGGOOOaADwvgBGn0c8oD9bxf2lM10obn6azWkBefWV/WyRIHRN7t:E7xgMegvnT8oD91f2ey4uo01vUi9zGuz

    Score
    1/10
    • Target

      vape/bin/Microsoft.CodeAnalysis.Scripting.dll

    • Size

      134KB

    • MD5

      f0c16fde34267651cd45f7af63697c5a

    • SHA1

      b05b09714e3ebf85d0c591e2cf27164c02fb4da3

    • SHA256

      234f1434f6567eaf651296ac9c1eec4c2b55ebd0b9226b89cd024826b43334d8

    • SHA512

      11019db85773f504a740ba91e61a24bf6531ce8132e17751febd69383f85915ff1062c0b9f6b86409acf286219711c91fe691f2eaffb96420ab31ad5543ba32d

    • SSDEEP

      3072:lal+0vNTRm2VISkbB4PrCD1JcXGyMaCFjaXvf:MftRtVITdIrCDrGVDCF8n

    Score
    1/10
    • Target

      vape/bin/Microsoft.DotNet.PlatformAbstractions.dll

    • Size

      22KB

    • MD5

      00ab0f02b1114c57c758f5ad595224f1

    • SHA1

      8ca2d65ebaa52496c3d963869cc8edeb0a62f654

    • SHA256

      b1f4ad169fb192747f5d2d3111c01db4257e3ec1f7f18f301f7fc4be3b869ff3

    • SHA512

      0ec5e7fa1a48c7abac9e31e00de7de798a8f5b6c613bab27ae559bb361d7d35baf69684e1e3f48c3525e7f2563647e304842f243e6bdf82e44d7c5e3168d915e

    • SSDEEP

      384:oRV2ogIFIB2Xn8fevHJW2r0WSWixHRN7W/4lrlX:oR+BUdy/

    Score
    1/10
    • Target

      vape/bin/Microsoft.Extensions.Caching.Abstractions.dll

    • Size

      26KB

    • MD5

      93291944b39daf29c57e427fd5664950

    • SHA1

      7d2b0a190379b42a866ff447292df42de1f5fa95

    • SHA256

      0de3b2c772ecad772852dba818f75d1b21a2b89b6742bdd2aa85fe886e53f42b

    • SHA512

      d50052da96a3424dd901a1d0bc72d8946f28422b2bd3249d4cef9ba7e5691820b6e1ea01ecf55eba7aabbd6941ae2262380c7a353c7aa057d7b5985581706a74

    • SSDEEP

      384:bhWlFwlgpULx2n0QWFen0fKjE8KJATPzS58D9+phzWcVSWQhxT4bHRN7WlXblV1:slFwTY0Q0eeKY5ATPO58DIdsh6bQT1

    Score
    1/10
    • Target

      vape/bin/Microsoft.Extensions.Caching.Memory.dll

    • Size

      31KB

    • MD5

      41b0a966fd1ded40815e50df8ef8d3be

    • SHA1

      171cc12a9821b84cc2d0aede7638653b719584a5

    • SHA256

      de7e08a80781cec07d2885dff7445ebf86a0c56d3aef5623254d6d90c0a4d492

    • SHA512

      0d371fd903bee26a07c4a2bc3fd9f1cbb58e622bc50277a5f7080154f8db5cc31b28db3cec317c79941e8f422c6452f8c71df0c8bbc23ba867185501df50efb3

    • SSDEEP

      384:0kmwKz54Za7BRnSuw+Hn6AAAAAAAAOzAAAAM9u0Gg8Pc20Jgee4BrpYJXv+6UokF:0kMQoBw+HsT8AqJspoOUw6bOTF

    Score
    1/10
    • Target

      vape/bin/Microsoft.Extensions.Configuration.Abstractions.dll

    • Size

      20KB

    • MD5

      d8e064ad8f2419f204723cf7caa7ab0b

    • SHA1

      f19f20d758dae8563fc4914c737e06f1292f58e2

    • SHA256

      32ccdb2ab4348f195d247f920d1432c0cbb1cc5fd548fec8ee562c438aa48849

    • SHA512

      b2ed620bc914433435e655f7a1c956735f959c3e8c60a182d96ab0a59a54c81ffa0c52214d88c6e48ca82e198ad7e9fcb603d6dc017ec64399fcf40d3178c341

    • SSDEEP

      384:0aEsyjAb8TG/ZvozRjz6r5c3JABzWSPTWC4c4HRN7+eRl3t3MmW:0b/Q4JApaB+eKJ

    Score
    1/10
    • Target

      vape/bin/Microsoft.Extensions.DependencyInjection.Abstractions.dll

    • Size

      43KB

    • MD5

      844b2effc2a7d080f6534ac3f5c27987

    • SHA1

      8c65eea5ddfc2f13e7c749e1b9f933d9c391d69f

    • SHA256

      0fdcb94576c0fec133c24e9c9c66c630a42ff3b6ef384115c9cacb5137b49465

    • SHA512

      e632bf27c9cce0f08c64526023aa2bd522491ef4efb07b4c71b766263de78aafa1be86c968147ec71a3086656b77b4864498417d83ee2c21aeb149aea3e02acc

    • SSDEEP

      768:wQnUmCQewKmOBkuuy+HhoBsy4sOw0wo2DVW2D:8mCN+B8syMfB4VhD

    Score
    1/10
    • Target

      vape/bin/Microsoft.Extensions.DependencyInjection.dll

    • Size

      72KB

    • MD5

      d1eab0788faf50da1364869c5ea83651

    • SHA1

      3401adbe73bf6ac5e9c13e27847c657846cce600

    • SHA256

      bbe80d1d9794a9b9f0b3e8089f521f362605fa68742237a47bce7a8552377a23

    • SHA512

      4fce1c47ba8ab79b94c30af3b652032fa9b04060888ffb28fdf046c9cfd76ca109d1b1dee88b09ec72956c8a20f174cfecd7652409098013d54790c0e6d01776

    • SSDEEP

      1536:pvsuJ6ZoiiIz+w7KC74mWE8+66lF0K1a:VTcFD7KG4mWSEK

    Score
    1/10
    • Target

      vape/bin/Microsoft.Extensions.DependencyModel.dll

    • Size

      78KB

    • MD5

      a30d5c229679fd5340568d32c71947fc

    • SHA1

      da4aacba3e09baa31f4a7dae6631bff65ae309a6

    • SHA256

      1ad43c78c77f95f8548aef0a373819f7d253dab6e38619bc9eaf3e660df6d35e

    • SHA512

      770c3b076f8829775349f24b263eaed32480a2ec8cced838b4b00d98ec742f1cadadea7e0be75a3db554201d25238f4efaefee5845ee6e3986ffe59ba875a78b

    • SSDEEP

      1536:2M6iYnA2zFyc7eLQIWXQitkM+cYsFQoNf16z:2M+nfzfaQltB+2FQoO

    Score
    1/10

MITRE ATT&CK Matrix

Tasks