Resubmissions
28-10-2024 17:06
241028-vml5tsvamr 10Static task
static1
Behavioral task
behavioral1
Sample
Discord.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Discord.exe
Resource
win10v2004-20241007-en
General
-
Target
Discord.exe
-
Size
51KB
-
MD5
85f1a70f2760fc2b1c9dd2e11d178548
-
SHA1
c92415eb189ebb19efa29a1be6eeea7421d2eabc
-
SHA256
9c3a2642864d1680716134111aa3ce37cf1f99829a4d8301b4972230358389ec
-
SHA512
f5a8e36d502992f733dd5473d6146bd0a1b3f17a7377b62f2f628318cccf9cec236ea6bac268d9a4377ea12cd4d984f4b59553d4c5de2481bcb710f20d5a2aef
-
SSDEEP
1536:eblM7Vomh/iB3O0jMOnC5zMHSd94Mu9/f7WWLEI:ebG71/a3NPCOQE7Z
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Discord.exe
Files
-
Discord.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ