discordrat | ac08c4f8fdd56e369e280cb3e1404caadf6e39a31ce95075ca7974b3ea994cbc | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240202-m5dmeaeecp
MD5

b4e6b3b81debadaf369cc3d24da91bc9
SHA1

917c3f0c7dac2b5bcc74143f21484572cde130ca
SHA256

ac08c4f8fdd56e369e280cb3e1404caadf6e39a31ce95075ca7974b3ea994cbc
SHA512

b1cd2438ffef347f662afaaff9303d49c4fa016caadf48d7bf11972bf96e24b858f879da7ee6f0e24088a7b343e90f73607925de24c308bcc77d037b546271b4
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+GPIC:5Zv5PDwbjNrmAE+iIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIwMTM2NzgwNzYzNjU1MzcyOA.Gry9Qz.MHd4heUBXDcbfvd7ppfxyfU9wbx857bvDsTRnc
server_id
1201027409663754250

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  b4e6b3b81debadaf369cc3d24da91bc9
- SHA1
  
  917c3f0c7dac2b5bcc74143f21484572cde130ca
- SHA256
  
  ac08c4f8fdd56e369e280cb3e1404caadf6e39a31ce95075ca7974b3ea994cbc
- SHA512
  
  b1cd2438ffef347f662afaaff9303d49c4fa016caadf48d7bf11972bf96e24b858f879da7ee6f0e24088a7b343e90f73607925de24c308bcc77d037b546271b4
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+GPIC:5Zv5PDwbjNrmAE+iIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer