: List internal files (e.g., Dugor.exe, install.bat, or obfuscated .js files).
Dynamic Analysis:
: Record the file size, MD5/SHA-256 hashes, and compilation date.
: Terminate any suspicious processes in Task Manager and delete the extracted files.
The "Dugor#6960.rar" file represents a classic example of "Discord Stealer" malware. The primary defense remains user education—avoiding unsolicited archives from unknown users, even those with seemingly legitimate tags.
: Note if the malware attempts to access %AppData%\Discord\Local Storage\leveldb to steal authentication tokens.
The filename is strongly associated with malicious activities, particularly Discord-based credential theft and token logging. Files formatted this way (a name followed by a Discord tag) are commonly used by threat actors to distribute malware through direct messages or community servers.
: Stolen data (passwords, browser cookies, Discord tokens) is sent to the attacker via a webhook.
4. Mitigation and Recovery
: The malware may add itself to the Windows Startup folder or create a Registry key to run on boot.