discordrat | babaya new[.]exe | Triage

Sharing

General

Target

babaya new.exe
Size

78KB
MD5

7209d6899561c71ca335c2d795d67ae3
SHA1

eb5685dbd5db4d2800649dc3fcc57b9a6917d09a
SHA256

7f63a4691f7d818ef1868d269d38862c0a19dcda170cdb5dd8788d8d451a548c
SHA512

cab4cb58746ff45766fd1566e6a3879d5ff85c759ee620fca9d305dfdd85a8c526d1b296683541821b87bd00e6b678a046d5c9c4b7d7badcb8386b4db8029e92
SSDEEP

1536:K2WjO8XeEXF15P7v88wbjNrfxCXhRoKV6+V+VPIC:KZb5PDwbjNrmAE+FIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
https://discord.com/api/webhooks/1296206480852127744/QR0Ij0ivxObUlFMF780C3YZ5TxjdP8PCuVx-iht_GGwTaj8HwwmhOy18jEHc0UiQWQO2
server_id
1296206452741902457

Signatures

Discordrat family
discordrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
babaya new.exe

Files

babaya new.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ