Analysis
max time kernel: 122s
max time network: 127s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 13-12-2024 03:23
Behavioral task: behavioral1
Sample: LoaderBasic.exe
Resource: win7-20241010-en (windows7-x64)
3 signatures
150 seconds
Behavioral task: behavioral2
Sample: LoaderBasic.exe
Resource: win10v2004-20241007-en (windows10-2004-x64)
4 signatures
150 seconds
General
Target: LoaderBasic.exe
Size: 92KB
MD5: 46094da1bb8a34bf64fdf689691b2595
SHA1: 9b95170dd9c718a14e49396a9f8a374e72357220
SHA256: cb6d814bf564af56be38a29e93aebd665c29736179462cfb9f9b69f946af8466
SHA512: 0a1fb7d4d540161501978dde8a141ac899f35e3e8cce0a7a54d712592de9512e86392ed265811f44ecc930a42f17b96cf572d31901cde3646be19cedb99e1657
SSDEEP: 1536:EbPuJtGN8F+9okEPBAqcBPDyc5I0bpAkAfLgbGNrE9xCIpOMel53:SuJkN8FwokzBBPDyc5RQgbGNrPlt
Score: 10/10
Malware Config
Extracted
Family: discordrat
Attributes
discord_token: MTEyODc1NDE4NjI0MzI5NzMwMg.G_xQWE.8Vr08GKNWwCukUxcxGqNOzrKAxZRbWmAMlXKag
server_id: 1316838123023630386
Signatures
Discord RAT: A RAT written in C# using Discord as a C2.
Discordrat family
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2448 wrote to memory of 2828 | 2448 | LoaderBasic.exe | 30
PID 2448 wrote to memory of 2828 | 2448 | LoaderBasic.exe | 30
PID 2448 wrote to memory of 2828 | 2448 | LoaderBasic.exe | 30