discordrat | 9436576f5aa5cdcf437f2d1bf07c9ff18ea843325682129ca41ccdf696e9377d | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240515-zf4thsbc37
MD5

848a00db3d33b9dbb7b44eccb1a3f34d
SHA1

4e66ca8e5eab60f2e5894e01eb91583d7073bc20
SHA256

9436576f5aa5cdcf437f2d1bf07c9ff18ea843325682129ca41ccdf696e9377d
SHA512

6660b446e2e61d21f0d60e2bfea109e315e8155b52d7f6c4a4b28e5b52d0be0f0cfb292d6791efa9c78ceae7ec308e5ed0c53a3d9f261e7939e09ce74a889d99
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+0PIC:5Zv5PDwbjNrmAE+oIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI0MDQwMjA1OTc0MDU3NzkxNA.GbOCfS.pmCu9yd053RaPNi5s51O2aRqPGaYe8Gp7ukwAc
server_id
1240402293611036763

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  848a00db3d33b9dbb7b44eccb1a3f34d
- SHA1
  
  4e66ca8e5eab60f2e5894e01eb91583d7073bc20
- SHA256
  
  9436576f5aa5cdcf437f2d1bf07c9ff18ea843325682129ca41ccdf696e9377d
- SHA512
  
  6660b446e2e61d21f0d60e2bfea109e315e8155b52d7f6c4a4b28e5b52d0be0f0cfb292d6791efa9c78ceae7ec308e5ed0c53a3d9f261e7939e09ce74a889d99
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+0PIC:5Zv5PDwbjNrmAE+oIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer