discordrat | 25bb88715703d5a18a8bf578f1a28aca88fcd8564e2068a04dc2ad560741ae0e | Triage

Sharing

General

Target

SCLauncherV2.rar
Size

26KB
Sample

240314-esslssab5z
MD5

0469a0a387d3a86f3fce9d2fa3625fd3
SHA1

b94cdf8047bd4e422facaa62595e773844a758c1
SHA256

25bb88715703d5a18a8bf578f1a28aca88fcd8564e2068a04dc2ad560741ae0e
SHA512

ed014868a2212229f9ecfec8778eb92c239003d4e645bd2115c97c9873d81318693cd07159064f339c505ac7ffe76e0c8d0b2d255b6c4a72e41265dd1ce7d7aa
SSDEEP

768:zdGVo/L1LDHmDtv66GItHCsQp6FAzjJpkv:zdGOpPet6jkiDuk8

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTA0ODMwNDkwODM0NjA2NTAyNg.G95Iws.imc9mlTqIPk_OwRNZOtlCbfm82UCxdZc1tKScU
server_id
1048304689382432859

Targets

- Target
  
  SCLauncherV2.exe
- Size
  
  78KB
- MD5
  
  1f0f51336f5f6004afd1aa2f64289d50
- SHA1
  
  d693686649a21ba77586d7236057576393096292
- SHA256
  
  ec17fe432772f5e53f45a1d0ad74a6d2d79635ec1fdbdb5b3bf6cda55e873081
- SHA512
  
  6c7bc5aaf5304c052aff714be73ef3a6ea2f959b37d0b608fdce33babb9a2b314da0d4012052e9d897967b33f36933dce481afa12696f2ac58326a9e31596729
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+SPIC:5Zv5PDwbjNrmAE+eIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer