discordrat | 710b8c5bccffe277c66749c5fe619f6e7045e03abe5348dd2ed92fdef6656010 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240225-lw23zaha59
MD5

9495eec701db55246fda194795a75888
SHA1

2906defaaac8efaaabedb5f2570f1a8474f7fc76
SHA256

710b8c5bccffe277c66749c5fe619f6e7045e03abe5348dd2ed92fdef6656010
SHA512

ff5aea673c67a94d76c6e91f6eea9bbc0041bab8b1e24cc6405fbc8ea669db167560eabe68c557cbe751a8ad0935a59b33abab910f3256ac59a50eeece257035
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+1PIC:5Zv5PDwbjNrmAE+lIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIxMTA5OTM2NzcyMTc5NTYzNA.GHiRHA.GfRaR5LYgOWQ3r28LpH37-iYeYmiGP1nEIR7es
server_id
1211092147235987486

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  9495eec701db55246fda194795a75888
- SHA1
  
  2906defaaac8efaaabedb5f2570f1a8474f7fc76
- SHA256
  
  710b8c5bccffe277c66749c5fe619f6e7045e03abe5348dd2ed92fdef6656010
- SHA512
  
  ff5aea673c67a94d76c6e91f6eea9bbc0041bab8b1e24cc6405fbc8ea669db167560eabe68c557cbe751a8ad0935a59b33abab910f3256ac59a50eeece257035
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+1PIC:5Zv5PDwbjNrmAE+lIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer