discordrat | Client-built_Sugary[.]exe | Triage

Sharing

General

Target

Client-built_Sugary.exe
Size

233KB
MD5

29fb910aca6fd630dfc79683b0ae2a85
SHA1

bc5cc2c7a290b5f85ed39bb042b8a8cd20946e59
SHA256

ce864197af77c17580f8dcdc48c20d2ba53c1b9721f07664aebe33b9e7ce4fd3
SHA512

9120a3815d1ce6c3abefc1472eee241ac9c7df382c80681cc477367e160aad4a51dbedd0e6be5e62638ccd2718c75d6c7af138721b12d5ef453475b3257516ca
SSDEEP

6144:hv5PDwbBrnIrXxMxl1TSZOiECd7LbkjrR:hv5RrBGlhiECd

Score

10^/10

discordrat

Malware Config

Signatures

Discordrat family
discordrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
Client-built_Sugary.exe

Files

Client-built_Sugary.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

!Sugar
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ