Extracted

• • Target

    bot_clientbuild_5v.exe

  • Size

    78KB

  • MD5

    272c0bb50fd35244680dcd9a7a3746c9

  • SHA1

    11b364658d8ae8c712f32fddd06c25ca1af98360

  • SHA256

    c1a1acf65df9a9307207c05d2b4e46e0b6a206993e7ffeab1e37a0229bfa58cc

  • SHA512

    47c8e5274a1bb9e4725827703a55c59a776760876cf69899e162ab96bc1e316945bdfec9d679eecc7e1bffdac0c7219fdf8fc4e50ca75a9a668cff9077fc9a3b

  • SSDEEP

    1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+LPIC:5Zv5PDwbjNrmAE+jIC

  Score

  10^/10

  discordratpersistenceratrootkitspywarestealer

  • Discord RAT

    A RAT written in C# using Discord as a C2.

    stealerrootkitratpersistencediscordrat

  • Downloads MZ/PE file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1