82f0168b412544b6c47577805b5703a819df2315d26ee433c0ebce90acb05f7c | Triage

Sharing

General

Target

DiscordSetup.exe
Size

109.4MB
Sample

241119-qa1egawdnh
MD5

2bf5396ba0c4339394b10a7a0b25c42d
SHA1

9d8c40b13a62746cd11953b5e66c3e387fabfb9b
SHA256

82f0168b412544b6c47577805b5703a819df2315d26ee433c0ebce90acb05f7c
SHA512

72e5431e4582e65b04ee1745a224c189e849423ad2bd07cbeb9bcb7d337f4a7311d200277b6931a1b142d720e627cc021875e16ecad7d36818c069bae03aabd3
SSDEEP

3145728:aY32goBeD8mTHn5C7R8MKymXDUbfw6OIrnTH+cVyPXBp:a/fBewmDnM7R8MKyLI6JTHxVyZp

Score

7^/10

discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  DiscordSetup.exe
- Size
  
  109.4MB
- MD5
  
  2bf5396ba0c4339394b10a7a0b25c42d
- SHA1
  
  9d8c40b13a62746cd11953b5e66c3e387fabfb9b
- SHA256
  
  82f0168b412544b6c47577805b5703a819df2315d26ee433c0ebce90acb05f7c
- SHA512
  
  72e5431e4582e65b04ee1745a224c189e849423ad2bd07cbeb9bcb7d337f4a7311d200277b6931a1b142d720e627cc021875e16ecad7d36818c069bae03aabd3
- SSDEEP
  
  3145728:aY32goBeD8mTHn5C7R8MKymXDUbfw6OIrnTH+cVyPXBp:a/fBewmDnM7R8MKyLI6JTHxVyZp
Score

7^/10

discovery persistence spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistencespywarestealer