Overview

overview

10

Static

static

10

DISCORD NU...YY.exe

windows7-x64

7

DISCORD NU...YY.exe

windows10-2004-x64

7

main.pyc

windows7-x64

3

main.pyc

windows10-2004-x64

3

Resubmissions

30-12-2024 21:29

241230-1bxp3szkaq 10

01-12-2024 13:51

241201-q58dkasqaz 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DISCORD NUKER BY KLOWZYY.exe

  • Size

    19.5MB

  • Sample

    241230-1bxp3szkaq

  • MD5

    3b74622cb80575e2fd54acce44b7e133

  • SHA1

    9890e867697ae8fd5e35543c3ac257cf03065606

  • SHA256

    39c4afc796f6730ec8da841d1aec05f2c3e87424952f6e85049a98f66edea31c

  • SHA512

    46e8a33ca55d3e10b95054fad61e3ef0ae21c68932e115c45c16d6126d88a9e6cbc8e2701d7f37e11815671427abb863137ce5b3909534c1a04260b2a987bca6

  • SSDEEP

    393216:hqPnLFXlrFrpQQ6DOETgsvfGYgDGAvmkCbaBIIOdWgk:IPLFXNFrpQQrEROTn/Od

Score
10/10
empyreandiscoveryphishingpyinstallerspywarestealerupx

Malware Config

Targets

    • Target

      DISCORD NUKER BY KLOWZYY.exe

    • Size

      19.5MB

    • MD5

      3b74622cb80575e2fd54acce44b7e133

    • SHA1

      9890e867697ae8fd5e35543c3ac257cf03065606

    • SHA256

      39c4afc796f6730ec8da841d1aec05f2c3e87424952f6e85049a98f66edea31c

    • SHA512

      46e8a33ca55d3e10b95054fad61e3ef0ae21c68932e115c45c16d6126d88a9e6cbc8e2701d7f37e11815671427abb863137ce5b3909534c1a04260b2a987bca6

    • SSDEEP

      393216:hqPnLFXlrFrpQQ6DOETgsvfGYgDGAvmkCbaBIIOdWgk:IPLFXNFrpQQrEROTn/Od

    Score
    7/10
    discoveryphishingupxspywarestealer

    • A potential corporate email address has been identified in the URL: [email protected]

      phishing

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      main.pyc

    • Size

      7KB

    • MD5

      c26ca850b8027b5e4e28a7000145afba

    • SHA1

      1c3dca23fb11230d0f7dae9bd3d5a4852f409d06

    • SHA256

      9d2e1266a391fe12a9790d3d2a9f7835ed06f7f50323199c8e3cb19a6f5c8969

    • SHA512

      00a8ee251199d238fba3ac529b0e1c53ec6e63e135a01d1181b312efd3cd69492c5f6acd69ef89cb6abc621e7eae3f86324f06772a535aa096af7f09f410e45c

    • SSDEEP

      192:wzcA2D848O1WdXwJ1G33Fi5JhwDk/MdwIxnw:jsyWuJ5z2cPIxw

    Score
    3/10
    discovery
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks