discordrat | 68f28710a9decbe41063b2721b15c50a5cbc4f0ea03cde4ace99efb5fa5778c5 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240223-rqrmyabh8s
MD5

48b946a4b5fe2b37690ac925be121a67
SHA1

bc47084a2f11bd65af15c5cb04291ebaa6a07a78
SHA256

68f28710a9decbe41063b2721b15c50a5cbc4f0ea03cde4ace99efb5fa5778c5
SHA512

ba636a89ac7ab05120e12b08e221207183a7399c358af425792554d9fa3cd40b3cbffe7ffe7c9906322d20c4b512f36d0df50d8229739d293fea8b7d35449c12
SSDEEP

1536:42WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+7PIh:4Zv5PDwbjNrmAE+zIh

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIxMDAxMDUyMDc3MDU4MDUwMA.GJ9sjV.w-dGlY9tBHallGFQZjbv6rOIvFGkBXn_0lfFlE
server_id
1197583538841735228

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  48b946a4b5fe2b37690ac925be121a67
- SHA1
  
  bc47084a2f11bd65af15c5cb04291ebaa6a07a78
- SHA256
  
  68f28710a9decbe41063b2721b15c50a5cbc4f0ea03cde4ace99efb5fa5778c5
- SHA512
  
  ba636a89ac7ab05120e12b08e221207183a7399c358af425792554d9fa3cd40b3cbffe7ffe7c9906322d20c4b512f36d0df50d8229739d293fea8b7d35449c12
- SSDEEP
  
  1536:42WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+7PIh:4Zv5PDwbjNrmAE+zIh
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer