Overview

overview

10

Static

static

3

pvp‮gnp.exe

windows7-x64

10

pvp‮gnp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    pvp‮gnp.exe

  • Size

    775KB

  • Sample

    240531-x24pjabb23

  • MD5

    13121a69f278215b151c64650ac7cb37

  • SHA1

    2e0639d9d767821fe8830cb720d2c7960dcfa9b8

  • SHA256

    9dc7f34749d669d2f819076050aec0567232281ff9cfc6c77fc2bb2683a7d548

  • SHA512

    3d6987aad7dca1e58d3e5ab354b88bc72eaf35ee23d958653b29607cd5206486ef0e379dc0973d1b70995bc34f2bee992feb62a5b9b5e34f27e6eade8f811908

  • SSDEEP

    24576:XuDXTIGaPhEYzUzA0qbRVICpN1gbZyAtey:eDjlabwz9WgONMtn

Score
10/10
discordratpersistenceratrootkitstealer

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTI0NjE3NzQ1MDg3OTA5MDY5OA.GQYQs_.CWWy01exlwJSA5-Ryb8HsR5UWeE5uOF58bPcZs

  • server_id

    1243377281129254984

Targets

    • Target

      pvp‮gnp.exe

    • Size

      775KB

    • MD5

      13121a69f278215b151c64650ac7cb37

    • SHA1

      2e0639d9d767821fe8830cb720d2c7960dcfa9b8

    • SHA256

      9dc7f34749d669d2f819076050aec0567232281ff9cfc6c77fc2bb2683a7d548

    • SHA512

      3d6987aad7dca1e58d3e5ab354b88bc72eaf35ee23d958653b29607cd5206486ef0e379dc0973d1b70995bc34f2bee992feb62a5b9b5e34f27e6eade8f811908

    • SSDEEP

      24576:XuDXTIGaPhEYzUzA0qbRVICpN1gbZyAtey:eDjlabwz9WgONMtn

    Score
    10/10
    discordratpersistenceratrootkitstealer

    • Discord RAT

      A RAT written in C# using Discord as a C2.

      stealerrootkitratpersistencediscordrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks