General
-
Target
DiscordBotClient-win-x64.exe
-
Size
80.5MB
-
Sample
241115-qzv62sylhq
-
MD5
7acff4b78a019393e795775c788abd0a
-
SHA1
eb05978340ac49e3e574f0c4019cc54a30f406c7
-
SHA256
d3dc7279001865d1d6bc8c4c2e85d93969329618466fc94f03871d36f6356237
-
SHA512
6c5c2a16329d56c8e79c83963ee5be33d49bf74502155bb0733d4370b829f5e860b5cf687d91c9f64f1cb542c7810b2dd2bb1996608ccf60ad54dfdc93fdcf1e
-
SSDEEP
1572864:hO/c+P+15kmpcnxpv2lvc1xZEfOUFAGfIGQOhBLlYXNI2hmbtA5:hL19pGklQKfOFGf8O3eXNlhKA5
Static task
static1
Behavioral task | Sample | Resource
behavioral1 | DiscordBotClient-win-x64.exe | win7-20240903-en
behavioral2 | DiscordBotClient-win-x64.exe | win10v2004-20241007-en
behavioral3 | $PLUGINSDIR/SpiderBanner.dll | win7-20240903-en
behavioral4 | $PLUGINSDIR/SpiderBanner.dll | win10v2004-20241007-en
behavioral5 | $PLUGINSDIR/StdUtils.dll | win7-20240708-en
behavioral6 | $PLUGINSDIR/StdUtils.dll | win10v2004-20241007-en
behavioral7 | $PLUGINSDIR/System.dll | win7-20241010-en
behavioral8 | $PLUGINSDIR/System.dll | win10v2004-20241007-en
behavioral9 | $PLUGINSDIR/WinShell.dll | win7-20240903-en
behavioral10 | $PLUGINSDIR/WinShell.dll | win10v2004-20241007-en
behavioral11 | resources/app/node_modules/lodash/sortedLastIndex.js | win7-20241023-en
behavioral12 | resources/app/node_modules/lodash/sortedLastIndex.js | win10v2004-20241007-en
behavioral13 | resources/app/node_modules/lodash/sortedLastIndexBy.js | win7-20240729-en
behavioral14 | resources/app/node_modules/lodash/sortedLastIndexBy.js | win10v2004-20241007-en
behavioral15 | resources/app/node_modules/lodash/sortedLastIndexOf.js | win7-20240903-en
behavioral16 | resources/app/node_modules/lodash/sortedLastIndexOf.js | win10v2004-20241007-en
behavioral17 | resources/app/node_modules/lodash/sortedUniq.js | win7-20241010-en
behavioral18 | resources/app/node_modules/lodash/sortedUniq.js | win10v2004-20241007-en
behavioral19 | resources/app/node_modules/lodash/sortedUniqBy.js | win7-20240903-en
behavioral20 | resources/app/node_modules/lodash/sortedUniqBy.js | win10v2004-20241007-en
behavioral21 | resources/app/node_modules/lodash/split.js | win7-20240903-en
behavioral22 | resources/app/node_modules/lodash/split.js | win10v2004-20241007-en
behavioral23 | resources/app/node_modules/lodash/spread.js | win7-20240903-en
behavioral24 | resources/app/node_modules/lodash/spread.js | win10v2004-20241007-en
behavioral25 | resources/app/node_modules/lodash/startCase.js | win7-20240903-en
behavioral26 | resources/app/node_modules/lodash/startCase.js | win10v2004-20241007-en
behavioral27 | resources/app/node_modules/lodash/startsWith.js | win7-20240903-en
behavioral28 | resources/app/node_modules/lodash/startsWith.js | win10v2004-20241007-en
behavioral29 | resources/app/node_modules/lodash/string.js | win7-20241010-en
behavioral30 | resources/app/node_modules/lodash/string.js | win10v2004-20241007-en
behavioral31 | resources/app/node_modules/lodash/stubArray.js | win7-20240903-en
behavioral32 | resources/app/node_modules/lodash/stubArray.js | win10v2004-20241007-en
Malware Config
Targets
-
-
Target
DiscordBotClient-win-x64.exe
-
Size
80.5MB
-
MD5
7acff4b78a019393e795775c788abd0a
-
SHA1
eb05978340ac49e3e574f0c4019cc54a30f406c7
-
SHA256
d3dc7279001865d1d6bc8c4c2e85d93969329618466fc94f03871d36f6356237
-
SHA512
6c5c2a16329d56c8e79c83963ee5be33d49bf74502155bb0733d4370b829f5e860b5cf687d91c9f64f1cb542c7810b2dd2bb1996608ccf60ad54dfdc93fdcf1e
-
SSDEEP
1572864:hO/c+P+15kmpcnxpv2lvc1xZEfOUFAGfIGQOhBLlYXNI2hmbtA5:hL19pGklQKfOFGf8O3eXNlhKA5
Score 9/10
-
Renames multiple (147) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates processes with tasklist
-
-
Target
$PLUGINSDIR/SpiderBanner.dll
-
Size
9KB
-
MD5
17309e33b596ba3a5693b4d3e85cf8d7
-
SHA1
7d361836cf53df42021c7f2b148aec9458818c01
-
SHA256
996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
-
SHA512
1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298
-
SSDEEP
192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY
Score 3/10
-
-
Target
$PLUGINSDIR/StdUtils.dll
-
Size
100KB
-
MD5
c6a6e03f77c313b267498515488c5740
-
SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15
-
SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
-
SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
-
SSDEEP
3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
0d7ad4f45dc6f5aa87f606d0331c6901
-
SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457
-
SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
-
SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
-
SSDEEP
192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score 3/10
-
-
Target
$PLUGINSDIR/WinShell.dll
-
Size
3KB
-
MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56
-
SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c
-
SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
-
SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score 3/10
-
-
Target
resources/app/node_modules/lodash/sortedLastIndex.js
-
Size
679B
-
MD5
edf7c1dd55d8a3aaf886646ab98fb6b8
-
SHA1
b886560112d50f2aef5f1acdcc5cd9296ff6f8b7
-
SHA256
31a10902c20e65ab63869587d18ffa300a3f4f3ddf46051ec6f9df82ffeafa0f
-
SHA512
4239b55372aa7acda3f58cb6479cba8007c5912221ef768037f22c7fee987e5753301efbed7f2bd5db93557a3be0b3504a2386d9cf0b61832aef117bd376bbce
Score 3/10
-
-
Target
resources/app/node_modules/lodash/sortedLastIndexBy.js
-
Size
1KB
-
MD5
c7f17efdecf80fb5d1877f4ea7fcdbd1
-
SHA1
4bf9117b8f1d0161a8369f127220b897819cd6a9
-
SHA256
a4023ca1c6ea8042e34844fdbb823d3748c22a56271cfe08717265293c75b040
-
SHA512
f816be7e06bc477a9d83ab35265a12710a70dbd29b55976767eafc4f91e5ee35662a91b05ebbd33bfd67b37591c1bb12836c62476a11c0f36e76bfb731338a28
Score 3/10
-
-
Target
resources/app/node_modules/lodash/sortedLastIndexOf.js
-
Size
770B
-
MD5
cb2fde759991938076500485fb599dd8
-
SHA1
f4a56782a4a913c330d832d80000e0340093e020
-
SHA256
bf039101776c42209d49dc4d6aa71766f6379b649570cbe1820a8665bbd2697f
-
SHA512
7a311919ed0557011311c40e8d44187061549225f21405d02ad36d5be444cbcd51ff75c6c479b5e208e4ba81ea8bd87424ebcdc310d7fec6dc74a50d8d91e1ef
Score 3/10
-
-
Target
resources/app/node_modules/lodash/sortedUniq.js
-
Size
513B
-
MD5
568e6f15563d47bb860de848740d62c1
-
SHA1
612a221cb2088447b6510930f35f7140ecf41d1f
-
SHA256
7703c411b9007aadde4b059ed06a62c9c0ea8c0ce2727f355a9c50070b4ebd33
-
SHA512
bfca5ca3ff5a938730fd7d98d937f9e654cf067081c462d4fd47834355d8f47abff24e3b2c21e38917874416eb03c8b1bf3d9ade0631cdf775a95e7cfff90a67
Score 3/10
-
-
Target
resources/app/node_modules/lodash/sortedUniqBy.js
-
Size
698B
-
MD5
4b9f711fa40bfbb43f81de03fb69e74c
-
SHA1
e9ee6345a66fbef43ac161edd568feb2f197a2ce
-
SHA256
8d531a82e2bd8150e5e50b7e2237fcef5163fd4ee63919ec3b1aca73b2420d9e
-
SHA512
403bcd1a2d7fba2c7bfc82456800863cdc5a63a8de56ce87a01adc008d01d70a92838c9108f6a61012b964e101f059ca9e9ba4a5b02cfc11b299b9324a5ea95d
Score 3/10
-
-
Target
resources/app/node_modules/lodash/split.js
-
Size
1KB
-
MD5
b10beee26acbe6ed42dda344257b4526
-
SHA1
f33b9e68923d6bd511a37658a794104452f1bacd
-
SHA256
9ddd17c2b6f10fcae28e91b8e8448ec8e5a8d97e3b4c8c005fc6d684060b8926
-
SHA512
542da236835a7594052c1841520bca15cd8b65f23b3484a052fda23543892792217b25130638b40b9b04975be08dc2f84c935d1789a2ce9aae9316548d510444
Score 3/10
-
-
Target
resources/app/node_modules/lodash/spread.js
-
Size
1KB
-
MD5
ed73b3b29d6f3bb10cc490766bbbc23c
-
SHA1
b5e45484e55917c836dfc464d1c1dfb5e016a53b
-
SHA256
73d5b51a697642c4a8a855d06d337473ad15be8f2039287587ccdf760628531d
-
SHA512
004b60241f6f527747f2f52cb492319da80abe1da96f414ce473efde488a48a621793bc4d032d7457f164f74aad7f3bf5375861a27347a542aaf0747d6401d3c
Score 3/10
-
-
Target
resources/app/node_modules/lodash/startCase.js
-
Size
714B
-
MD5
9f860d4002c8c7942c8005d6169908bf
-
SHA1
5cae4afa2846579e8173a62ae27253a75fb57119
-
SHA256
108cd495196f72d90a5fd94044456cf5a2761f0516923bdeb76740d00db42d22
-
SHA512
1b01984a413823ed538347b12d4bc9498b58f7ae56b78b91ccd85e7062dbbc49bdc77d158ac78847522626358797e576153c6c4c99ee95e925cfcbdb08d91696
Score 3/10
-
-
Target
resources/app/node_modules/lodash/startsWith.js
-
Size
1017B
-
MD5
170c896bc1e289221c42bab9e40ada27
-
SHA1
10e9857ce37a805453b6e1c5e0caac454d08ba89
-
SHA256
5d9a4b6bb06a1720fa1e97eb9e59a942e52ec2201da91f0ff24c5a68276face0
-
SHA512
7ad7648ef2523fd63f5220ff1b1c3a96006c44f29d91e0fabd4315210d76fd7040b43476e1b1d6c4015dcdcb54b625b6c3a03cb41fd2da9a16015fc8e63ccd1f
Score 3/10
-
-
Target
resources/app/node_modules/lodash/string.js
-
Size
1KB
-
MD5
721a07aec6e4f9cf2ba3e4ac90e7eff2
-
SHA1
9da506e6420a685f56f77ccdcdd4dfe0ffe552b0
-
SHA256
636bf39182438c55ffff385e677cc705cdef460199b4c509fc9b9acaa56c4925
-
SHA512
44fc2e4a7ae7fca04c60e398e8af4f8181a30d489ff05329a79f1208de1ec18a852690fa0a4c3571db32c9b12f2c08f05f0b2f5ccc36bcafbc273402a1599ca0
Score 3/10
-
-
Target
resources/app/node_modules/lodash/stubArray.js
-
Size
390B
-
MD5
255f764473d31fae0562de536dbcb7ae
-
SHA1
bdc0e5ed494f2924ffd64e91620fbcd8161f7223
-
SHA256
86957766d1bc7426012c406dd17a928f542c6dc761d49abfb166c476e00ba32f
-
SHA512
1bf1ece6699ecb25b0b80c57a098fa66f3fcdca35b839759e03a77f4f23be6afdc1f04a134f2b664a8b5ce3e4a155be3bdb1b5ae1bc4ff03f22e943027044ee7
Score 3/10