Analysis
-
max time kernel
1380s -
max time network
1174s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
06-06-2024 12:10
Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
1800 seconds
General
-
Target
Client-built.exe
-
Size
78KB
-
MD5
01a4ce4dd5b00747493bed5deebaae17
-
SHA1
779ce63d942892c2296d8864287941b547462cd5
-
SHA256
7489e6f15e2c7b6319b3ccf40bd0360251783a257c51a7791c1b77c6c271ec6d
-
SHA512
a4e8a7d92c55e6408ace17d8a02af9b43910d6b5eb29c2c98a63f25983ce55a7738027b6edce02fba83e2e69cfb5a0ac9d9637a13c1ad909dc7b2f0f1ab8ca05
-
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+DPIC:5Zv5PDwbjNrmAE+bIC
Score
10/10
Malware Config
Extracted
Family
discordrat
Attributes
-
discord_token
MTI0ODI0MTU5ODY4NTUxNTg1MA.GzyIwU._prrDCdD0LwAjYsJHZG5xYNLF9UZJF3BCQCXGE
-
server_id
1248242109069131776
Signatures
-
Discord RAT
A RAT written in C# using Discord as a C2.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 4728 Client-built.exe