General
-
Target
nezur-faking-unc-v0-9bo7ts6at0od1.webp
-
Size
176KB
-
Sample
250304-s3h21avjt7
-
MD5
d444757770ebee84843f2922c430a3b5
-
SHA1
ae36d68db168d69bfe90fb22f703b638070b7d8d
-
SHA256
20be8d6207184dfd8d235813a15943d41c17434c5ba8d044f182161dca2b33a2
-
SHA512
a242ab595865991219f8e82a1d1d4c5d01d71a308a8e4ddc4b3746cd199f7890c1c283ba9c815977938a474046d089c05b4490e5323c225d8412f0340418d314
-
SSDEEP
3072:8ihYfiRKLglPj0xMczOFm2HYyEOEvnYONFs8jNDGCsekDyJNO3:Vh67glPj06KOFFHYyEpnLNZBrhA
Static task
static1
Behavioral task
behavioral1
Sample
nezur-faking-unc-v0-9bo7ts6at0od1.webp
Resource
win11-20250217-en
Malware Config
Extracted
discordrat
-
discord_token
MTM0NDIzODgzMTUzMjExODA3Nw.GlXiSY.z6upbo0NihUT0_wVluygB2oHiMojktYarODkqM
-
server_id
1343168794809339964
Targets
-
-
Target
nezur-faking-unc-v0-9bo7ts6at0od1.webp
-
Size
176KB
-
MD5
d444757770ebee84843f2922c430a3b5
-
SHA1
ae36d68db168d69bfe90fb22f703b638070b7d8d
-
SHA256
20be8d6207184dfd8d235813a15943d41c17434c5ba8d044f182161dca2b33a2
-
SHA512
a242ab595865991219f8e82a1d1d4c5d01d71a308a8e4ddc4b3746cd199f7890c1c283ba9c815977938a474046d089c05b4490e5323c225d8412f0340418d314
-
SSDEEP
3072:8ihYfiRKLglPj0xMczOFm2HYyEOEvnYONFs8jNDGCsekDyJNO3:Vh67glPj06KOFFHYyEpnLNZBrhA
-
Discordrat family
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Legitimate hosting services abused for malware hosting/C2
-