General

  • Target

    DiscordSetup.exe

  • Size

    108.7MB

  • Sample

    250127-wlp1rsznhx

  • MD5

    bdacb85d3f5304c743bc75f4f9584e9d

  • SHA1

    bc8290292832a8ca95ce43d89e78cd976f002584

  • SHA256

    5a3e5067e918f7ea604b10d8f99b398d3c226a12fb592c09dae2980e1238f0b0

  • SHA512

    837c99d1e7e533636820bd494678c0152e1033f52d5edb441d09187235d206bf51bce55a777540f854c6831aa988119127a498db9346aa7e2b2aee2433cf2f9e

  • SSDEEP

    3145728:BY8lDo0Wu7li2WlqJzEW3WnEiTjqd/szmNV:aeDoI7lixYJzR32EiH9qr

Malware Config

Targets

    • Target

      DiscordSetup.exe

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Adds Run key to start application

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Detected potential entity reuse from brand STEAM.

MITRE ATT&CK Enterprise v15

Tasks