discordrat | a77388ef2a7aa231dfffce78d26fc23c5d8aa38f2b76750c6d04bc0b9a3486c1 | Triage

Sharing

General

Target

3add9057e56fe6ed3826b37110946af0_NeikiAnalytics.exe
Size

420KB
Sample

240607-fzsqtabc73
MD5

3add9057e56fe6ed3826b37110946af0
SHA1

f5235cb1fec12a3bd1ff426be43382b7e2f52123
SHA256

a77388ef2a7aa231dfffce78d26fc23c5d8aa38f2b76750c6d04bc0b9a3486c1
SHA512

3312405b72d48d16aa396f98bd65d4630478d6eaf339ca8109eca3ed897f3d7b2a4c4bf37adcde1809c9c3180f342be04426ad2303b6070e0fca570a64918a37
SSDEEP

12288:oJf/DdUC83OIgFc+tYjhLFHB0iTpc0Kkd8oPEB5:oN/BUBb+tYjBFHBxTaYbPI

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI0Njg5NDU5NjYxNzY2NjY4NA.Gmlbm4.ZRFvWtjlMHl2DRYmK54Ou3DlvwIiGhmTqRBYyU
server_id
1246895020653416468

Targets

- Target
  
  3add9057e56fe6ed3826b37110946af0_NeikiAnalytics.exe
- Size
  
  420KB
- MD5
  
  3add9057e56fe6ed3826b37110946af0
- SHA1
  
  f5235cb1fec12a3bd1ff426be43382b7e2f52123
- SHA256
  
  a77388ef2a7aa231dfffce78d26fc23c5d8aa38f2b76750c6d04bc0b9a3486c1
- SHA512
  
  3312405b72d48d16aa396f98bd65d4630478d6eaf339ca8109eca3ed897f3d7b2a4c4bf37adcde1809c9c3180f342be04426ad2303b6070e0fca570a64918a37
- SSDEEP
  
  12288:oJf/DdUC83OIgFc+tYjhLFHB0iTpc0Kkd8oPEB5:oN/BUBb+tYjBFHBxTaYbPI
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer