Extracted

• • Target

    Valhacks_1.exe

  • Size

    719KB

  • MD5

    4ec8339947d7cbb008baf517fcab0707

  • SHA1

    6a29ca741ef10473b4b6c5af1caf899bc00ad87d

  • SHA256

    820e078ba20a1d71567e03ba9ded74fba3783a332123141333b315c9e5a5a02a

  • SHA512

    3bba68339f56b1c27987e12ab3052f0b4b18ddd4705ef962224d317d14fc8b0910e6cceb422ea2905b7923b20a289a19fb30d22d2c4904dce4ccaee760a6fc54

  • SSDEEP

    12288:zCQjgAtAHM+vetZxF5EWry8AJGy0yvrVBHUl061yhp0xCkScaddIXEBObLJMjJN:z5ZWs+OZVEWry8AFBDVBHUl06YhpmA9D

  Score

  10^/10

  discordratpersistenceratrootkitstealer

  • Discord RAT

    A RAT written in C# using Discord as a C2.

    stealerrootkitratpersistencediscordrat

  • Discordrat family

    discordrat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral10behavioral2behavioral3behavioral4behavioral5behavioral6behavioral7behavioral8behavioral9