discordrat | 398c45daf283a0bb0a57696cac3c2f67fff96d5ea5f0f53a6f1dd7a693a0e22a | Triage

Submit
Reports

Overview

overview

Static

static

1

MainMenu.rbxm

windows10-2004-x64

MainMenu.rbxm

windows11-21h2-x64

3

Resubmissions

16-04-2024 10:41

240416-mrjaqsab9w 3

15-04-2024 18:03

240415-wnfj4sfa2v 6

15-04-2024 17:57

240415-wj2xjsce98 10

15-04-2024 17:53

240415-wgfljaeg6s 10

Sharing

General

Target

MainMenu.rbxm
Size

14KB
Sample

240415-wj2xjsce98
MD5

570b9b9cd36ee573826296c9c1e24dea
SHA1

69bb3c2b05b2043b53fa2fa25f3c227d3b3c7bbc
SHA256

398c45daf283a0bb0a57696cac3c2f67fff96d5ea5f0f53a6f1dd7a693a0e22a
SHA512

6d59a8fed062a7a95ddeab579e21f2eda37c9c9a635be657bd1122fb57498f20a18deb9fa3434c4d9dad62bf85a1a9a1751e5e21a7a0403863039edd51a39a82
SSDEEP

192:WkV5Yqitq3KfkjaGRCNkjWKARcZizO9Bpy/nw8vJemQQJ:pDaiLRCJKocZiy9Py/nLvJeyJ

Score

10^/10

discordrat persistence rat rootkit stealer

Static task

static1

Behavioral task

behavioral1

Sample

MainMenu.rbxm

Resource

win10v2004-20240226-en

discordrat persistence rat rootkit stealer

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

MainMenu.rbxm

Resource

win11-20240412-en

windows11-21h2-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIyMjY1ODg0NzM1NzkyNzQzNQ.G46owp.2JEzFsoF0sNveJ3Ig7Q_yTdVD59ktO7ZBNMdzw
server_id
1211370597838487562

Targets

- Target
  
  MainMenu.rbxm
- Size
  
  14KB
- MD5
  
  570b9b9cd36ee573826296c9c1e24dea
- SHA1
  
  69bb3c2b05b2043b53fa2fa25f3c227d3b3c7bbc
- SHA256
  
  398c45daf283a0bb0a57696cac3c2f67fff96d5ea5f0f53a6f1dd7a693a0e22a
- SHA512
  
  6d59a8fed062a7a95ddeab579e21f2eda37c9c9a635be657bd1122fb57498f20a18deb9fa3434c4d9dad62bf85a1a9a1751e5e21a7a0403863039edd51a39a82
- SSDEEP
  
  192:WkV5Yqitq3KfkjaGRCNkjWKARcZizO9Bpy/nw8vJemQQJ:pDaiLRCJKocZiy9Py/nLvJeyJ
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

© 2018-2025

Terms | Privacy