Behavioral task
behavioral1
Sample
RAT.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
RAT.exe
Resource
win10v2004-20240508-en
General
-
Target
RAT.exe
-
Size
78KB
-
MD5
fbf3aac78be63f4c9cac42c5065e841d
-
SHA1
ef1ef9f1c4582740ddbbb0ae931729d28f9cddcf
-
SHA256
fb20124a565035509bfe77f7969e6b6481af6e084c1f779eafefacb3238838b9
-
SHA512
5384fbe4d98eb58784a50161a06439f0b0d8842a39980d84d51b87c9da420ea0d400d9595a9e55083499813d583bbdcf17f04202df43a39318fc0f9cbde3531a
-
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+mPIC:5Zv5PDwbjNrmAE+CIC
Malware Config
Extracted
discordrat
-
discord_token
MTI0MDY5Njg4MTA1MTYwMzA3NA.Gk0pb5.gw1UrxfVboadUu1780jASHItFkwsOrCVl0hucM
-
server_id
1237869398321139852
Signatures
-
Discordrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource RAT.exe
Files
-
RAT.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ