General
-
Target
RoLua.exe
-
Size
78KB
-
Sample
250305-xqvx9awrs8
-
MD5
9433f2ab2b9817222684d8dfd8c13db3
-
SHA1
b161e7f86e265fb043cf74b9db78979a5b5158f5
-
SHA256
99d9f92fce1d62c67118449a44cfaab9fb50102934a83152b8d2edc5fd6d35b8
-
SHA512
0f4f6461bf5dcbe1eaba89faa03369ccb6c7110347b70712e42c066d0504d81181bc528f37df7579234d164bcf586c0de6085e022062511f94bf62e04f237d14
-
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+APIC:5Zv5PDwbjNrmAE+kIC
Behavioral task
behavioral1
Sample
RoLua.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
RoLua.exe
Resource
win10v2004-20250217-en
Malware Config
Extracted
discordrat
-
discord_token
MTM0NjkxMDE0OTU0NTE2ODk5Ng.GOd1Xb.S7wK7bXVlifJSSeWldVPp8ZPBaEWAptINYrz2w
-
server_id
1346913204827066439
Targets
-
-
Target
RoLua.exe
-
Size
78KB
-
MD5
9433f2ab2b9817222684d8dfd8c13db3
-
SHA1
b161e7f86e265fb043cf74b9db78979a5b5158f5
-
SHA256
99d9f92fce1d62c67118449a44cfaab9fb50102934a83152b8d2edc5fd6d35b8
-
SHA512
0f4f6461bf5dcbe1eaba89faa03369ccb6c7110347b70712e42c066d0504d81181bc528f37df7579234d164bcf586c0de6085e022062511f94bf62e04f237d14
-
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+APIC:5Zv5PDwbjNrmAE+kIC
Score10/10-
Discordrat family
-
Downloads MZ/PE file
-
Legitimate hosting services abused for malware hosting/C2
-