discordrat | Client[.]rar | Triage

Resubmissions

07-11-2024 06:52

241107-hnee6ayanp 10

07-11-2024 06:51

241107-hmnx7sxjaz 10

07-11-2024 06:49

241107-hlwawswrhz 10

07-11-2024 06:48

241107-hk3ctayaln 10

07-11-2024 06:45

241107-hjdcasyajl 10

05-11-2024 18:32

241105-w6ncnswcqe 10

Sharing

General

Target

Client.rar
Size

26KB
MD5

54d133c341ccbafcf66473c38e452652
SHA1

13a29d944a56b420f814ae328a4765b62eab7b73
SHA256

5ba163f9a4c8f545e21e8de4f70be6eddb6d2b90137af94e4f95a8d3f5b5ea62
SHA512

a216a0031df75eb5b00996e421de7288e0121719c94dc4d22214778da6e2ed724891e970b33354290a1b99b5b3cd04bc2f280b1189a21c0a0c9a18f8b4f90ce8
SSDEEP

768:wrM20wFwQdr23seLbk7iQY3S3pE0ITIuo2c:+MYFwSqtnk7ix3S574+5

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMwMjYzMjM5NzQ4MDc5MjExNQ.G54kHc.dXC4p2G7m3XikvtpmbIepFkTto52Uc1y1nNfUQ
server_id
1302402013232894144

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/Client/Client-built.exe

Files

Client.rar
.rar

Password: 123
Client/Client-built.exe
.exe windows:4 windows x64 arch:x64

Password: 123

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ