discordrat | 8edaf04cae9e2d3aef9015308e37d7c2072d28c0746b7e3657ea3ab9c68f7786 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240626-xh539axgnf
MD5

c21a5156d67267fb2f713855d72689b9
SHA1

f18dc6e46129f3832f74f06b1eff47484f4c12cd
SHA256

8edaf04cae9e2d3aef9015308e37d7c2072d28c0746b7e3657ea3ab9c68f7786
SHA512

29c99887dc0671878b3236795eb13379d51d5f4ba95762dce1e7df09da144e5c0f44ac08222b7575317641505a4de54c62e55115a476b8c52e38047b446ed298
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+zPIC:5Zv5PDwbjNrmAE+rIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NTU2MTc0ODQ0MjkxMDc4MQ.Gc-r-A.bInqy9sb_zAtMxKHHGc-H1SmDe_R_ElEfuPchc
server_id
1255561590363914300

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  c21a5156d67267fb2f713855d72689b9
- SHA1
  
  f18dc6e46129f3832f74f06b1eff47484f4c12cd
- SHA256
  
  8edaf04cae9e2d3aef9015308e37d7c2072d28c0746b7e3657ea3ab9c68f7786
- SHA512
  
  29c99887dc0671878b3236795eb13379d51d5f4ba95762dce1e7df09da144e5c0f44ac08222b7575317641505a4de54c62e55115a476b8c52e38047b446ed298
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+zPIC:5Zv5PDwbjNrmAE+rIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer