discordrat | botter[.]zip | Triage

Resubmissions

13-01-2025 04:03

250113-eml7tsxnbl 10

12-01-2025 14:59

250112-sc7bxaxjdv 10

Sharing

General

Target

botter.zip
Size

28KB
MD5

9f17123dc224a53e3b754982951204e2
SHA1

cc350504bd1ec1eb05543e530b928861ff3a6542
SHA256

be5b74f1dcd692567847e16cb940b95e578f597db208069fff152f231bf942d5
SHA512

8b92445d2e7fedd56de4ee593cb0b8812cd7677b6694f9380ea399b1e58a6f8c58c2fb96806a43c8140992f6fd339ee6cad58f1e9e5a079898a42395a5827bf2
SSDEEP

768:pf/gFKX2k90h0F++nPoiWUYKt+PtVqotApgL:pXgFK+CbY06V5

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
4D544D794D7A51314E5451304D7A49784D6A677A4D6A67344D412E47777A4D35482E686E7467374B6B4A644C7A496F516D38395F4C62725575584F6B38692D5A694C31572D57624D
server_id
1327726809084854434

Signatures

Discordrat family
discordrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/botter.exe

Files

botter.zip
.zip
botter.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ