discordrat | 1d38e3e579a0ef472440c41e75ece8ba2646d647ade0ec23e8e32eff16801567 | Triage

Sharing

General

Target

Ud disk changer.exe
Size

78KB
Sample

240324-qa8qvach87
MD5

1c5f41e2bad22101a9a447a3f5945bf1
SHA1

11b9983ec2c20b1fe21072b781b01e5606c96c24
SHA256

1d38e3e579a0ef472440c41e75ece8ba2646d647ade0ec23e8e32eff16801567
SHA512

38561164a0763f3fafd4b58c45cbd03d3fbde4e049b37c287108c102061d966ed0b9e6cca884c17fbb4ebaab120ad886e6b904e7e74efc998533b7d74e675a8f
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+WPIC:5Zv5PDwbjNrmAE+SIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIwNjE3ODY5NzIxNzA0ODU5Ng.GqSgUC.4B9SQ8wqyb3BgV35rjVdLcvEoFRGQCPQxlmHuc
server_id
1206547675009515531

Targets

- Target
  
  Ud disk changer.exe
- Size
  
  78KB
- MD5
  
  1c5f41e2bad22101a9a447a3f5945bf1
- SHA1
  
  11b9983ec2c20b1fe21072b781b01e5606c96c24
- SHA256
  
  1d38e3e579a0ef472440c41e75ece8ba2646d647ade0ec23e8e32eff16801567
- SHA512
  
  38561164a0763f3fafd4b58c45cbd03d3fbde4e049b37c287108c102061d966ed0b9e6cca884c17fbb4ebaab120ad886e6b904e7e74efc998533b7d74e675a8f
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+WPIC:5Zv5PDwbjNrmAE+SIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer