Behavioral task
behavioral1
Sample
339567426457a7273c58adfa2f413d07909f25632e0950ce846503b51afe4cab.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
339567426457a7273c58adfa2f413d07909f25632e0950ce846503b51afe4cab.exe
Resource
win10v2004-20241007-en
General
Target
339567426457a7273c58adfa2f413d07909f25632e0950ce846503b51afe4cab.exe
Size
78KB
MD5
753e87f5c4964def0fda955a4c843788
SHA1
c73d5c34fbeeaf2cddfa13b303a823221c580062
SHA256
339567426457a7273c58adfa2f413d07909f25632e0950ce846503b51afe4cab
SHA512
fa6c7a4d01735c422bb5ee89ba955dde6dd3e290156ceea6b7f2abd786da1741947ec6b0b9d494ff516ced757ff0a23941552f9854312c216437b0bd3a5f5a84
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+YPICB:5Zv5PDwbjNrmAE+8ICB
Malware Config
Extracted
discordrat
discord_token
MTMxMjQ0NjE5OTc3MjYxNDY3Nw.GhABBF.61anJPM9L_52V7MlH_CpTqsEUtXmZZkrQXQgfw
server_id
1141450322020139008
Signatures
Discordrat family
Unsigned PE
1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 339567426457a7273c58adfa2f413d07909f25632e0950ce846503b51afe4cab.exe
Files
339567426457a7273c58adfa2f413d07909f25632e0950ce846503b51afe4cab.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ