discordrat | 97998ce8ee1eb61773da4dd3480ac0573821233cef969b8b81c192600fa790e3 | Triage

Sharing

General

Target

SolaraBETA.exe
Size

164KB
Sample

240518-lagj5sdb92
MD5

4b2fde25d144813486401114b5b1465a
SHA1

5002bea91d465c2054b4d9c00da8d57bdef2cd8a
SHA256

97998ce8ee1eb61773da4dd3480ac0573821233cef969b8b81c192600fa790e3
SHA512

f861dbc704ecc6cb3e22e2a48397d4ff86ac50f04a79c863de7285c54a9f85279bdc62db11b75f70a27282fb0eae9b67625b2301e975a5a9ff5eaf68eb4de566
SSDEEP

3072:2Zv5PDwbjNrmAE+ZIjLdGgCvZuT75lTT3MJObhH:Wv5PDwbBr9IjLdvm27wJON

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIyODAzODA0Nzg2MjM2MjE4Mg.GeZ9Dk.99HQJjlOmDT6HLrABe4Y4tFyXqPaQdWTb6lSvI
server_id
1234555349349040179

Targets

- Target
  
  SolaraBETA.exe
- Size
  
  164KB
- MD5
  
  4b2fde25d144813486401114b5b1465a
- SHA1
  
  5002bea91d465c2054b4d9c00da8d57bdef2cd8a
- SHA256
  
  97998ce8ee1eb61773da4dd3480ac0573821233cef969b8b81c192600fa790e3
- SHA512
  
  f861dbc704ecc6cb3e22e2a48397d4ff86ac50f04a79c863de7285c54a9f85279bdc62db11b75f70a27282fb0eae9b67625b2301e975a5a9ff5eaf68eb4de566
- SSDEEP
  
  3072:2Zv5PDwbjNrmAE+ZIjLdGgCvZuT75lTT3MJObhH:Wv5PDwbBr9IjLdvm27wJON
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer