discordrat | 28082f4e658d02fdbfba80b1d8c0489cbdebaeed90da1c658401633883ad3380 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240312-cnwrjsfb87
MD5

03acb00c0f9a2bc6c233f8de2a48a380
SHA1

3b686ec3f0fd37aea67dec112acbb2fd81eb4bbb
SHA256

28082f4e658d02fdbfba80b1d8c0489cbdebaeed90da1c658401633883ad3380
SHA512

5c93e1b75e6d289256083453d7281e5676f33ae31c3fe0259e6135dfe19e77121cf85ab1fb5ca1b7a8a1db450cb05093de85efe4173b1d2070aa810e56e8096c
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+aPIC:5Zv5PDwbjNrmAE+GIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIxNjkzMDkzNTgyNDQ0OTY4Ng.GmBYPl.mBrxt3O20N2x2UQIMrUwUZVup_hHnSYTbAUD5I
server_id
1216930992913121320

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  03acb00c0f9a2bc6c233f8de2a48a380
- SHA1
  
  3b686ec3f0fd37aea67dec112acbb2fd81eb4bbb
- SHA256
  
  28082f4e658d02fdbfba80b1d8c0489cbdebaeed90da1c658401633883ad3380
- SHA512
  
  5c93e1b75e6d289256083453d7281e5676f33ae31c3fe0259e6135dfe19e77121cf85ab1fb5ca1b7a8a1db450cb05093de85efe4173b1d2070aa810e56e8096c
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+aPIC:5Zv5PDwbjNrmAE+GIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer