General

  • Target

    DiscordSetup.exe

  • Size

    113.9MB

  • Sample

    241114-nqrq6axqhw

  • MD5

    5c43e08badaa36f477fae5b6d20b7174

  • SHA1

    ba39b5002a0b23580ba864fa6649c6557de1e06d

  • SHA256

    37e9b180c65e383fc996dee7a1e597ff8bfc880ccf92e084f0d35816e34a6c1e

  • SHA512

    072a26aeed238b7efec27c835ff9d1354ce95f389d5c4a113fb58993c5f9cec53c7349117745b253fcbcba4b4f8a3142007ac1813cbad29d24d1c14c82c3ccd9

  • SSDEEP

    3145728:sUqR3yEYXIrb0ie154ykxFRzlidtDsta0W:76ypXriYkxFB0f4tm

Targets

    • Target

      DiscordSetup.exe

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Adds Run key to start application

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks