Overview

overview

10

Static

static

10

discord-im...ld.bat

windows10-ltsc 2021-x64

10

discord-im...bug.py

windows10-ltsc 2021-x64

3

discord-im...ers.py

windows10-ltsc 2021-x64

3

discord-im...ken.py

windows10-ltsc 2021-x64

3

discord-im...ion.py

windows10-ltsc 2021-x64

3

discord-im...tup.py

windows10-ltsc 2021-x64

3

discord-im...nfo.py

windows10-ltsc 2021-x64

3

discord-im...fig.py

windows10-ltsc 2021-x64

3

discord-im...ain.py

windows10-ltsc 2021-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    143s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20250217-en
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20250217-enlocale:en-usos:windows10-ltsc 2021-x64system
  • submitted
    04/03/2025, 19:41 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    discord-image-logger-release/src/components/startup.py

  • Size

    1KB

  • MD5

    d17d405ca05de43451c90ed876382851

  • SHA1

    5d79d59b7c7d84da78b16c3b11ccc329a85974c6

  • SHA256

    e93db849ec64a2c100f7d07bb1267edb96177b4097573796213fe19623b85e57

  • SHA512

    7e2f8325cae28528d84fe1967ded6375d8b581d99a93d5b2dbae8f7a7af03c60cadacd21bd0d29771ccb0dc438e5aac30321f251db44124ab841f267a0ff887b

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\discord-image-logger-release\src\components\startup.py
    1⤵
    • Modifies registry class
    PID:1880
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.