discordrat | RAT[.]exe | Triage

Sharing

General

Target

RAT.exe
Size

78KB
MD5

fbf3aac78be63f4c9cac42c5065e841d
SHA1

ef1ef9f1c4582740ddbbb0ae931729d28f9cddcf
SHA256

fb20124a565035509bfe77f7969e6b6481af6e084c1f779eafefacb3238838b9
SHA512

5384fbe4d98eb58784a50161a06439f0b0d8842a39980d84d51b87c9da420ea0d400d9595a9e55083499813d583bbdcf17f04202df43a39318fc0f9cbde3531a
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+mPIC:5Zv5PDwbjNrmAE+CIC

Score

10^/10

discordrat

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI0MDY5Njg4MTA1MTYwMzA3NA.Gk0pb5.gw1UrxfVboadUu1780jASHItFkwsOrCVl0hucM
server_id
1237869398321139852

Signatures

Discordrat family
discordrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

RAT.exe

Files

RAT.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ