General
-
Target
MFjGBrO.exe
-
Size
475KB
-
Sample
241215-l39rdssngr
-
MD5
cbe2f2a631cafa3abf6169b419e84dc5
-
SHA1
20ac6d8060f99f16a92db8aa55ddfb7b2f2997c4
-
SHA256
f23839bc1f59d1cd4c542169e22882ac68063a169ae6f3e25e82b91c5e300b58
-
SHA512
0f879a83e08f43576786fc5e561c73e1eeec0799574e5ba3018b88b96b1abbd177385f7b0b3db3d97fdf1328ec2b0813223ab725915eb57774362f868a076d1f
-
SSDEEP
12288:byveQB/fTHIGaPkKEYzURNAwbAg8FvKIfKJzHj:buDXTIGaPhEYzUzA0qJKIfizHj
Static task
static1
Behavioral task
behavioral1
Sample
MFjGBrO.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
MFjGBrO.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
discordrat
-
discord_token
MTMxMDkxODg1Mjk4ODc2NDE4MA.GzBXeG.IQdsANXf5vF4yFt_OatJlXeGmRVH0AzHFLzfHw
-
server_id
1310919517383294990
Targets
-
-
Target
MFjGBrO.exe
-
Size
475KB
-
MD5
cbe2f2a631cafa3abf6169b419e84dc5
-
SHA1
20ac6d8060f99f16a92db8aa55ddfb7b2f2997c4
-
SHA256
f23839bc1f59d1cd4c542169e22882ac68063a169ae6f3e25e82b91c5e300b58
-
SHA512
0f879a83e08f43576786fc5e561c73e1eeec0799574e5ba3018b88b96b1abbd177385f7b0b3db3d97fdf1328ec2b0813223ab725915eb57774362f868a076d1f
-
SSDEEP
12288:byveQB/fTHIGaPkKEYzURNAwbAg8FvKIfKJzHj:buDXTIGaPhEYzUzA0qJKIfizHj
Score10/10-
Discordrat family
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-