discordrat | 04eba1e1568a4ad4f54111f362a46b50ae8da9cb81704a051dcfef23d2b04728 | Triage

Sharing

General

Target

Electron.exe
Size

171KB
Sample

240511-xak34see93
MD5

3ce82d8a18c09e4c48b4da5de1938c3b
SHA1

406def8e1483d085246b61445979979a747f5851
SHA256

04eba1e1568a4ad4f54111f362a46b50ae8da9cb81704a051dcfef23d2b04728
SHA512

f3097a24bcf2c36580f3a788206a50352797a5e84704bb88411bb3317354d5773eee752ee4890cbcb45a984d568e9168f241d08e56cc33987c40297d4f4f8215
SSDEEP

1536:a2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V++PIuU2MTDVb2cgueZm7Cqg3G5sM:aZv5PDwbjNrmAE+6IMMYdGCjesM

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIyODAzODA0Nzg2MjM2MjE4Mg.GqCEYL.apfsS2jQRhuN7G2IWIRfyCOXYhh2VcEiLqIuMo
server_id
1238738925741408256

Targets

- Target
  
  Electron.exe
- Size
  
  171KB
- MD5
  
  3ce82d8a18c09e4c48b4da5de1938c3b
- SHA1
  
  406def8e1483d085246b61445979979a747f5851
- SHA256
  
  04eba1e1568a4ad4f54111f362a46b50ae8da9cb81704a051dcfef23d2b04728
- SHA512
  
  f3097a24bcf2c36580f3a788206a50352797a5e84704bb88411bb3317354d5773eee752ee4890cbcb45a984d568e9168f241d08e56cc33987c40297d4f4f8215
- SSDEEP
  
  1536:a2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V++PIuU2MTDVb2cgueZm7Cqg3G5sM:aZv5PDwbjNrmAE+6IMMYdGCjesM
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer