General
-
Target
ddos.bat
-
Size
1KB
-
Sample
241023-tzm28asakn
-
MD5
15ee8aecfc89d8bed8f362cb46e4b8bb
-
SHA1
c39b884897d73006daa07d29264670d181835624
-
SHA256
7af1c25851ef3f66cbca82540d35470de8a364a469d00a013891bd211f56e082
-
SHA512
553a78c7e82669145767747c287244c2e253a938f7379feaf71425e5f4eeedc612157f812d7d723c3edc57d6f534f152714f173e3b10e55331b16b8f741a3b66
Static task
static1
Behavioral task
behavioral1
Sample
ddos.bat
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
ddos.bat
Resource
win10v2004-20241007-en
Malware Config
Extracted
discordrat
-
discord_token
MTI5Njg5NDEwMjY0NTkwMzQwMA.GffxcT.wWuk4gdi5T-RNzCLfFQ4XgAEMO4ZjpXcRu5E5Y
-
server_id
1293738586679672945
Targets
-
-
Target
ddos.bat
-
Size
1KB
-
MD5
15ee8aecfc89d8bed8f362cb46e4b8bb
-
SHA1
c39b884897d73006daa07d29264670d181835624
-
SHA256
7af1c25851ef3f66cbca82540d35470de8a364a469d00a013891bd211f56e082
-
SHA512
553a78c7e82669145767747c287244c2e253a938f7379feaf71425e5f4eeedc612157f812d7d723c3edc57d6f534f152714f173e3b10e55331b16b8f741a3b66
Score10/10-
Blocklisted process makes network request
-
Deletes itself
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-