discordrat | c1187d8399dc3af9eddd01c468d567f9318241b80e6af2a18554478a5a83c72e | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240312-gjnmlabh26
MD5

1cf9e5b5799e91e63970ebfa421decd4
SHA1

7ac6c7dd36734209e4388ccf56b755c18799d7e6
SHA256

c1187d8399dc3af9eddd01c468d567f9318241b80e6af2a18554478a5a83c72e
SHA512

3f8327e661594aef57ad9ac73d63cc47804445e79ab488c30795c3bd6bf85eb5ba88870f55ce5cddfcc3c1a59764900c4bb72ab784b7030f88a2552933c5f37b
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+OPIC:5Zv5PDwbjNrmAE+qIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE5NDE2OTc3MTUxMjU3ODA3MA.GCVqUn.o4RA4nS1nYlS1KBxh5Mcl5XC2rWkCuWIHze_qQ
server_id
1216981502819303504

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  1cf9e5b5799e91e63970ebfa421decd4
- SHA1
  
  7ac6c7dd36734209e4388ccf56b755c18799d7e6
- SHA256
  
  c1187d8399dc3af9eddd01c468d567f9318241b80e6af2a18554478a5a83c72e
- SHA512
  
  3f8327e661594aef57ad9ac73d63cc47804445e79ab488c30795c3bd6bf85eb5ba88870f55ce5cddfcc3c1a59764900c4bb72ab784b7030f88a2552933c5f37b
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+OPIC:5Zv5PDwbjNrmAE+qIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer