discordrat | 048568f21de0495068ca83db248cc235578abd489e416c97001a8af6cd54af98 | Triage

Sharing

General

Target

celex cracked.exe
Size

78KB
Sample

240609-r3da3sbf3w
MD5

838552dd5effcd196247bf7476c11787
SHA1

05ed3b610c5a6537aec6652366175eef41ebd281
SHA256

048568f21de0495068ca83db248cc235578abd489e416c97001a8af6cd54af98
SHA512

1c91f1292b2722330141b4671cd6587368d2d86bfc3c38e906d459822bd7d4a2fb49c25d9c13ecfbf45368f3acfd49bec5a6b305c23e1f3ee09a4ef87e83522b
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+KPIC:5Zv5PDwbjNrmAE+WIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI0OTM2MzAwMDAzNzYwNTQ2OA.G2Z8iB.JlHA8lZ2dU5w37dmNBpG7AYm7TcaKA0xvUPkeM
server_id
1249359208781058119

Targets

- Target
  
  celex cracked.exe
- Size
  
  78KB
- MD5
  
  838552dd5effcd196247bf7476c11787
- SHA1
  
  05ed3b610c5a6537aec6652366175eef41ebd281
- SHA256
  
  048568f21de0495068ca83db248cc235578abd489e416c97001a8af6cd54af98
- SHA512
  
  1c91f1292b2722330141b4671cd6587368d2d86bfc3c38e906d459822bd7d4a2fb49c25d9c13ecfbf45368f3acfd49bec5a6b305c23e1f3ee09a4ef87e83522b
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+KPIC:5Zv5PDwbjNrmAE+WIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer