discordrat | 736014075703d79b54efab4b10d106f8ec1f6a65746d8ab9c3616e2462895120 | Triage

Sharing

General

Target

amongus.exe
Size

78KB
Sample

240228-ee36daad5y
MD5

72e20a7333577a7788606cfc46109241
SHA1

d134e5511149e9b348edae2aca71d5c3662f4369
SHA256

736014075703d79b54efab4b10d106f8ec1f6a65746d8ab9c3616e2462895120
SHA512

d1995136e74f23ba341c63c60c0d96e654a72e6dff7ba5d0cacbac136fd241eb65696e450757186f6202d5288223b56bcf2a22b32a4d76ac906295a1e2975f57
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+6PIC:5Zv5PDwbjNrmAE+mIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE5OTEyOTQxMjkwMjMzODY2MQ.Gu_nw4.EJ0Wvgj2MHiWYEiV20ODAbB5-0ofK2ypQndoVo
server_id
1212245165939494932

Targets

- Target
  
  amongus.exe
- Size
  
  78KB
- MD5
  
  72e20a7333577a7788606cfc46109241
- SHA1
  
  d134e5511149e9b348edae2aca71d5c3662f4369
- SHA256
  
  736014075703d79b54efab4b10d106f8ec1f6a65746d8ab9c3616e2462895120
- SHA512
  
  d1995136e74f23ba341c63c60c0d96e654a72e6dff7ba5d0cacbac136fd241eb65696e450757186f6202d5288223b56bcf2a22b32a4d76ac906295a1e2975f57
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+6PIC:5Zv5PDwbjNrmAE+mIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer