discordrat | 1c5ff3010534024b4033fffb2a40b1c717f0e6b8af4c6ff555e96dcf201a3d67 | Triage

Submit
Reports

Overview

overview

Static

static

Client-built.exe

windows10-2004-x64

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240405-njq62sae4t
MD5

1f88ce633526965c3666b61c22438537
SHA1

aa8244e35ab889ee1117dd6bdb078364cc526b2b
SHA256

1c5ff3010534024b4033fffb2a40b1c717f0e6b8af4c6ff555e96dcf201a3d67
SHA512

2a8ce619e8babfd459c46256a636e54dc5282cc37da26788713745aad8d24181e8cb55e8a14592a029e30e058328f7d523f90d88089424257d37fa472d29b93a
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+uPIC:5Zv5PDwbjNrmAE+KIC

Score

10^/10

discordrat persistence rat rootkit stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Client-built.exe

Resource

win10v2004-20240226-en

discordrat persistence rat rootkit stealer

windows10-2004-x64

8 signatures

1800 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIyNTcyMDI5MDIxNTIwMjkwMA.GMndrU.dPCIIzaBjlQwCAXW6c-oh2XIDaOgXZJasAdhx4
server_id
1225719274836987904

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  1f88ce633526965c3666b61c22438537
- SHA1
  
  aa8244e35ab889ee1117dd6bdb078364cc526b2b
- SHA256
  
  1c5ff3010534024b4033fffb2a40b1c717f0e6b8af4c6ff555e96dcf201a3d67
- SHA512
  
  2a8ce619e8babfd459c46256a636e54dc5282cc37da26788713745aad8d24181e8cb55e8a14592a029e30e058328f7d523f90d88089424257d37fa472d29b93a
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+uPIC:5Zv5PDwbjNrmAE+KIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

© 2018-2025

Terms | Privacy