discordrat | 52ab6102c24d59bcc88d6d5311e8f7404e69b17233ba995bbd162326782ac412 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240419-b33b7sda96
MD5

7c16d8d9eca7c5ea3c0919afce4a42a8
SHA1

db2d93ddef2d96fc687b11830781c54d549b7d3c
SHA256

52ab6102c24d59bcc88d6d5311e8f7404e69b17233ba995bbd162326782ac412
SHA512

4dd267a609ee31405d0353186ac2588afe760c401fe43d8958fa6c7a9ecbb65665ee120876f49a6760de1cd703791516f9ff7362a8355ac1b53f002a2af80312
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+KPIC:5Zv5PDwbjNrmAE+WIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIyNzU5OTczMjkwMjMzMDM3OQ.GGJ-EF.ITvPrvNzJvdqzhVFGBeM8xjGUkZMvbKmCPGwDw
server_id
1221811060135170099

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  7c16d8d9eca7c5ea3c0919afce4a42a8
- SHA1
  
  db2d93ddef2d96fc687b11830781c54d549b7d3c
- SHA256
  
  52ab6102c24d59bcc88d6d5311e8f7404e69b17233ba995bbd162326782ac412
- SHA512
  
  4dd267a609ee31405d0353186ac2588afe760c401fe43d8958fa6c7a9ecbb65665ee120876f49a6760de1cd703791516f9ff7362a8355ac1b53f002a2af80312
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+KPIC:5Zv5PDwbjNrmAE+WIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer