General

  • Target

    built.sfx.exe

  • Size

    550KB

  • Sample

    250207-bxt4mstmhy

  • MD5

    9f845faa8d20bca0ad5b562c49984226

  • SHA1

    5d9b152c9687f8f8e6359e5f9b3da34dc4ae1448

  • SHA256

    0fc69c69c41de8a3a9b20b7387ebda3cd6948d25da1755c20404fdefdda53555

  • SHA512

    eabcbf804b7090ad2a31af90e6072bbe86bc2d9870306dae2c4262b3588f042d4248591cc665d5167626403a5f6ced92dde7161e933aaecea08bc3b8323a3adb

  • SSDEEP

    12288:NenOND3GsvSAQoReDhwAZbmajZk/f7SGqlJ6P:gnOlW8SnXFwAtmajGOGqiP

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTMzNjE1MzM2MTU3MzIxNjM0Ng.G2Ga3O.6fY2Q_xGRBTkZD6yro26PYZ_j0hEJCFaIweb3k

  • server_id

    1335778556487139340

Targets

    • Target

      built.sfx.exe

    • Discord RAT

      A RAT written in C# using Discord as a C2.

    • Discordrat family

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2
