Threat Database Backdoors Backdoor.DiscordHack

Backdoor.DiscordHack

By CagedTech in Backdoors

Threat Scorecard

Popularity Rank: 9,895
Threat Level: 60 % (Medium)
Infected Computers: 202
First Seen: November 1, 2022
Last Seen: April 10, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Backdoor.DiscordHack
Signature status: No Signature

Known Samples

MD5: ea7d56e4965a8b9c26e701a5a514db7a
SHA1: a7231018c769a6079a8c3e7be733e1081ee2a595
SHA256: FACA94DB61B06F48DE4A6BFD59F200D051E460EF2A535917A7D109FF347CC30B
File Size: 217.09 KB, 217088 bytes
MD5: 607455bfe906243bfad4384162ec0d0b
SHA1: 578bb646be7e8d27a6c82c46703356f1772670e8
SHA256: 426E64B2013648BBB73A74120ED4EE9C77EDFD0BC1B07D6238E8576F81E4D28A
File Size: 122.88 KB, 122880 bytes
MD5: c4c6ce9104cb7a74dc5caf9f04cf223a
SHA1: c53aaf75c5585fc7b4e1ca4474bdd75bbecd9370
SHA256: B1E525B77C841B601246B62A5705094DA0478A225A73E9B144A26648E5C43DBA
File Size: 166.91 KB, 166912 bytes
MD5: 4cbe503150c09fe878d915afe2984168
SHA1: f51dfa43be6bc8c0ca797ba3e0f1a5c7ecbc0cb3
SHA256: ADF769765813B4FD3E6FC0208D91C078917EE475CE87DAEFD73A77CA83428FD6
File Size: 166.91 KB, 166912 bytes
MD5: 8b9cbb9a149406bbb70c866f1df2f384
SHA1: a1f37a97202d4c8c35a84e132dd94ea56319fea8
SHA256: 3FAFB00D456EC4FE06FF8C7597588A820210A424B021B4956F4C1ED8FDC46D8E
File Size: 166.91 KB, 166912 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has been packed
  • File has TLS information
  • File is 32-bit executable
  • File is 64-bit executable
  • File is either console or GUI application
Show More
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Assembly Version
  • 2.47.1.0
  • 2.47.0.0
  • 2.46.1.0
  • 2.46.0.0
Company Name Tyrrrz
File Description DiscordChatExporter
File Version
  • 2.47.1.0
  • 2.47.0.0
  • 2.46.1.0
  • 2.46.0.0
Internal Name DiscordChatExporter.dll
Legal Copyright Copyright (c) Oleksii Holub
Original Filename DiscordChatExporter.dll
Product Name DiscordChatExporter
Product Version
  • 2.47.1+1181a35f081880432d6302234ce8c84917cc9fc0
  • 2.47+3be5bc6a21a378a2b0246e4a26c638645bd8c1a2
  • 2.46.1+72f9e981de75ae28d29b96d9d01c150c53df7c43
  • 2.46+cc92b2cbe6f3540d0ca126caa679d5e1b0bf5b11

File Traits

  • No Version Info
  • ntdll
  • packed
  • x64
  • x86

Block Information

Total Blocks: 444
Potentially Malicious Blocks: 0
Whitelisted Blocks: 444
Unknown Blocks: 0

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0 1 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Agent.IFK
  • Agent.OSS
  • Agent.UFF
  • ClipBanker.GDA
  • Downloader.OF
Show More
  • Downloader.OFB

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAlpcConnectPortEx
  • ntdll.dll!NtAlpcCreateSecurityContext
  • ntdll.dll!NtAlpcDeleteSecurityContext
  • ntdll.dll!NtAlpcQueryInformation
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtAssociateWaitCompletionPacket
  • ntdll.dll!NtClose
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateIoCompletion
  • ntdll.dll!NtCreateTimer2
Show More
  • ntdll.dll!NtCreateWaitCompletionPacket
  • ntdll.dll!NtCreateWorkerFactory
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtOpenDirectoryObject
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDirectoryFileEx
  • ntdll.dll!NtQueryFullAttributesFile
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSetTimer2
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtWriteFile
  • UNKNOWN
Anti Debug
  • OutputDebugString

Trending

Most Viewed

Loading...