Overview
General
Target: Nueva carpeta.rar
Size: 27.1MB
Sample: 241231-dt4j1s1qgj
MD5: 6e078e2e9289d78f4660f36d65c9327f
SHA1: 9c20e120ea4e2c3cd19df50cee05b839c42e547a
SHA256: 48fe545d10166c4aea48252deab4a043abd56b758aed8439a5f1479d18ae6944
SHA512: b6f8550d7064519dd7487bade6fb7f9ea68e0c6786e17a74c285553327c18ab6663a069b692890747e99e29fb952c70e8ff3ea13c491d8747d5dbb1e26f60f3f
SSDEEP: 786432:GLcIo8H4RQLIQxYF6Zbq0QSNrjM0qzcFrS0Q4puKS5nWhh:j8YRQLfxYF8e0QSNkN6FQ4AKrhh
Static task: static1
Behavioral task: behavioral1
  Sample: Nueva carpeta.rar
  Resource: win10ltsc2021-20241211-en
Behavioral task: behavioral2
  Sample: Nueva carpeta/Discord-Token-Joiner-master.zip
  Resource: win10ltsc2021-20241211-en
Behavioral task: behavioral3
  Sample: Discord-Token-Joiner-master/.gitignore
  Resource: win10ltsc2021-20241211-en
Behavioral task: behavioral4
  Sample: Discord-Token-Joiner-master/LICENSE.md
  Resource: win10ltsc2021-20241211-en
Behavioral task: behavioral5
  Sample: Discord-Token-Joiner-master/README.md
  Resource: win10ltsc2021-20241211-en
Behavioral task: behavioral6
  Sample: Discord-Token-Joiner-master/main.py
  Resource: win10ltsc2021-20241211-en
Behavioral task: behavioral7
  Sample: Discord-Token-Joiner-master/tokens.txt
  Resource: win10ltsc2021-20241211-en
Behavioral task: behavioral8
  Sample: Nueva carpeta/python-3.13.1-amd64.exe
  Resource: win10ltsc2021-20241211-en
Malware Config
Targets
Target: Nueva carpeta.rar
Score: 7/10
Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Blocklisted process makes network request
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Target: Nueva carpeta/Discord-Token-Joiner-master.zip
Size: 3KB
MD5: 174ae01f2c742de32a737d71e7ab6a18
SHA1: cfe6020fd588bac259b2d711a4b4c409be304333
SHA256: 4d330de4cd281e28ce39e9da9a44f73c5bcc0ec256983c0b1f51eed2fb293943
SHA512: 25d092cd5447379ec0aa28d5a88168c12f8313b3fb1686504c89d814cccce6a18e9d68c14cf55a8c73c49f56c19e09fd5474edade486ea0cc987b4817618f833
Score: 1/10
Target: Discord-Token-Joiner-master/.gitignore
Size: 1KB
MD5: 6482f9d8254f7f75af96c66a09031e65
SHA1: b631f2309e68ef3414a77d3005ae3e870a477d07
SHA256: 79b6f8054f8ef5e9e78c18174bf57caf29b11410166b9268d6923e87520eb88f
SHA512: 673b8cead9a670bc38ea28a57573198cfaf59de370cb3b626a47f3db9919c598cdb3a9f33594024f266b24017bc7273d5b77fd917801a2d2335fa9bbce21e13e
Score: 3/10
Target: Discord-Token-Joiner-master/LICENSE.md
Size: 1KB
MD5: 0c643b6423e3e3f78deedf5022d210f5
SHA1: 0ab416c3e175b4d45ccabfd27abac5e3c25bb452
SHA256: 91b25287d54651b302fbbe2107ff53a8ac18e210ddd074c57de912eb7420f52b
SHA512: a367f4cda22cca53a177808a8be5f46c8c6b74f25c97c4d5bf2c88eea2d2793655974c959795f4c471be1fbc39978aa26557bc8c4208419b4c71e83598d08c0f
Score: 3/10
Target: Discord-Token-Joiner-master/README.md
Size: 107B
MD5: 6b4e55c8a2c92e5c953125925ffe1b05
SHA1: 9121315f728a7327ca01c4087d2ffa21e827373a
SHA256: 7e87a6f58d87ca8ce9aabc512150783bdde605580d993c95b34ae074b2378890
SHA512: 120601b464a026afe042b041f3d85fd4e22c5e8d0b34fa0fb14beb3be4be4d906f681ed31e4d1410b459ec666c6e0e44be2a6728cf5010bc25df231f4a79b4ce
Score: 3/10
Target: Discord-Token-Joiner-master/main.py
Size: 746B
MD5: 58f14c91101db143b0a90fdc8b1bf9b4
SHA1: e3abd4d335d709118b615100cf57e648e9cd2b1a
SHA256: b88dd5fea640870cc0ccbe582db0aa3fde782ce3978c76fcb5cf9425102ea919
SHA512: 683cc70a60867635a4b8473e71a3c5f47e9de1387e49da540dd031437e1fac67de2d9d859f708eb555922a8be19a7d2296460980d6ff4d322d5dfdc6cfac52db
Score: 3/10
Target: Discord-Token-Joiner-master/tokens.txt
Size: 1B
MD5: 68b329da9893e34099c7d8ad5cb9c940
SHA1: adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
SHA256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
SHA512: be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score: 1/10
Target: Nueva carpeta/python-3.13.1-amd64.exe
Size: 27.4MB
MD5: 90176c0cfa29327ab08c6083dcdcc210
SHA1: cc0bcf37414be313526d63ef708fc85da3b693b1
SHA256: 6b33fa9a439a86f553f9f60e538ccabc857d2f308bc77c477c04a46552ade81f
SHA512: 5940aae44386f3622dee3f32e6a98073851a9f646da6bf3e04f050b9a9239e0ddf50b26e5e125154edc5bbebce7353d273950f1111e4ca5f2b4e2e4a7ac7cf92
SSDEEP: 786432:fKScWFPQmn8ZNPeBvm1+MS3gpir9K8X+a:CcJQS8aBvm16gpGvX+a
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution
    Registry Run Keys / Startup Folder
  Event Triggered Execution
    Component Object Model Hijacking
Privilege Escalation
  Boot or Logon Autostart Execution
    Registry Run Keys / Startup Folder
  Event Triggered Execution
    Component Object Model Hijacking