discordrat | 38b827612364773dc9164f4180a42ed8bdf59d50b9cf468aaff78f99b255e7c8 | Triage

Resubmissions

24/02/2024, 07:11

240224-hz529adf7w 10

24/02/2024, 06:50

240224-hl3pzadc6y 10

23/02/2024, 21:09

240223-zzt4esaa7s 10

Sharing

General

Target

citizen-shanks_private.exe
Size

78KB
Sample

240224-hz529adf7w
MD5

82f4f8c08a0620fa1d65a5c716d1f1e6
SHA1

d4c8d076f1506bb33f13d45ed48a309c6ab26691
SHA256

38b827612364773dc9164f4180a42ed8bdf59d50b9cf468aaff78f99b255e7c8
SHA512

8aa41935bdf92d79e70c4718fe357df7ed671e8fa39b736f82d2a5bf4038988ee1e1dd30185144715c7cc7f7be8cb18267688489a2740912b3e2b8d8fd1cc33a
SSDEEP

1536:d2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+oPId+FH:dZv5PDwbjNrmAE+sId+FH

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIwNjYzMDA2MDg1NDA4MzYzNA.GnAKOm.aUFPbQ5wpHpCmFv1PuEPHDS_5vEXWahfzJpRe8
server_id
1206629234835988481

Targets

- Target
  
  citizen-shanks_private.exe
- Size
  
  78KB
- MD5
  
  82f4f8c08a0620fa1d65a5c716d1f1e6
- SHA1
  
  d4c8d076f1506bb33f13d45ed48a309c6ab26691
- SHA256
  
  38b827612364773dc9164f4180a42ed8bdf59d50b9cf468aaff78f99b255e7c8
- SHA512
  
  8aa41935bdf92d79e70c4718fe357df7ed671e8fa39b736f82d2a5bf4038988ee1e1dd30185144715c7cc7f7be8cb18267688489a2740912b3e2b8d8fd1cc33a
- SSDEEP
  
  1536:d2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+oPId+FH:dZv5PDwbjNrmAE+sId+FH
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer