discordrat | b7795416b4dbda541281cf9c369a1bd692e53ed3abf5f9f10ca40b551a8d71e8 | Triage

Submit
Reports

Overview

overview

Static

static

3

prewiew‮gnp.scr

windows10-1703-x64

Sharing

General

Target

prewiew‮gnp.scr
Size

531KB
Sample

240228-s6b3vsfc5x
MD5

e42e304f2d03c647a200a913f22357f2
SHA1

66f4df4861a33d2dc0824c5085200cba3c6808d0
SHA256

b7795416b4dbda541281cf9c369a1bd692e53ed3abf5f9f10ca40b551a8d71e8
SHA512

00fddae7c5839cef910f93192ecb0491887fd48e1759438715461854877a6ada3080a2fc1b4fa71dfbd951fbb72e7f75ea2a863ba7fc534257880d9824fba250
SSDEEP

12288:OzxzTDWikLSb4NS7QZ4nQs1Fys/X3gptwaLbDw:oDWHSb4NgnQ6vgjHDw

Score

10^/10

discordrat persistence rat rootkit stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

prewiew‮gnp.scr

Resource

win10-20240221-en

discordrat persistence rat rootkit stealer

windows10-1703-x64

16 signatures

300 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIxMjA2NTQzODcxMjg2MDc1Mw.GTgXsa.NRXzkSnsuB5zxX04YTTZ7fkqJPr7Jxf10Swk60
server_id
1212054940705628210

Targets

- Target
  
  prewiew‮gnp.scr
- Size
  
  531KB
- MD5
  
  e42e304f2d03c647a200a913f22357f2
- SHA1
  
  66f4df4861a33d2dc0824c5085200cba3c6808d0
- SHA256
  
  b7795416b4dbda541281cf9c369a1bd692e53ed3abf5f9f10ca40b551a8d71e8
- SHA512
  
  00fddae7c5839cef910f93192ecb0491887fd48e1759438715461854877a6ada3080a2fc1b4fa71dfbd951fbb72e7f75ea2a863ba7fc534257880d9824fba250
- SSDEEP
  
  12288:OzxzTDWikLSb4NS7QZ4nQs1Fys/X3gptwaLbDw:oDWHSb4NgnQ6vgjHDw
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

© 2018-2025

Terms | Privacy