discordrat | abff64bee76b35b88a91b10066fe8757c4778ad209b103967c813e254205c34c | Triage

Resubmissions

26-06-2024 03:39

240626-d76arswakk 10

Sharing

General

Target

sercmenupaid.exe
Size

676KB
Sample

240626-d76arswakk
MD5

df6b867bca38afe7f08e315a348772c9
SHA1

75cf786586e4a22339e3125a962df569dd74a571
SHA256

abff64bee76b35b88a91b10066fe8757c4778ad209b103967c813e254205c34c
SHA512

0bf93522cbf25114bd4a2d0214dc51d274350425e4a3e587846941794b300c66adbb7f9c98c9f63937b0a9d296efcbe12758f2241c816d584e775450f8f03eba
SSDEEP

12288:cCQjgAtAHM+vetZxF5EWry8AtGy0crmZldzG0tv+UuNeh:c5ZWs+OZVEWry8Apnm/FZv+Uu8

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NTIyMzg4MDA4NDA5OTE2Mg.GukmSG.gcxGub6ITuDxOUV3cxXT3R61bKP6OmYlr0wc7s
server_id
1255223797854765067

Targets

- Target
  
  sercmenupaid.exe
- Size
  
  676KB
- MD5
  
  df6b867bca38afe7f08e315a348772c9
- SHA1
  
  75cf786586e4a22339e3125a962df569dd74a571
- SHA256
  
  abff64bee76b35b88a91b10066fe8757c4778ad209b103967c813e254205c34c
- SHA512
  
  0bf93522cbf25114bd4a2d0214dc51d274350425e4a3e587846941794b300c66adbb7f9c98c9f63937b0a9d296efcbe12758f2241c816d584e775450f8f03eba
- SSDEEP
  
  12288:cCQjgAtAHM+vetZxF5EWry8AtGy0crmZldzG0tv+UuNeh:c5ZWs+OZVEWry8Apnm/FZv+Uu8
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer