discordrat | 82df0dd52400d38ee69a0649afef1945c4040e88a9df1fd521aa287991ee873a | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240628-wn8kwsxhnc
MD5

fa567c382fa2d2cef2395146eb8794f4
SHA1

37ccbfcb03939bf01c9d3888b60957111306c1e3
SHA256

82df0dd52400d38ee69a0649afef1945c4040e88a9df1fd521aa287991ee873a
SHA512

994b2b4c379ed73230918e98ed79b1f0ba8581ca813ae7282d8b6d6baec29ca78b4a69cf49ce929b729772e84612286f7b942376c60685e5f57fa81f131ca82a
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+dPIC:5Zv5PDwbjNrmAE+NIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NTg1NDczODQ5MTE4MzEzNQ.GdBIvq.wik0qrcaBHCJQ47HJuJh5rd81G3yaKdzXEIGKc
server_id
1256309200393343038

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  fa567c382fa2d2cef2395146eb8794f4
- SHA1
  
  37ccbfcb03939bf01c9d3888b60957111306c1e3
- SHA256
  
  82df0dd52400d38ee69a0649afef1945c4040e88a9df1fd521aa287991ee873a
- SHA512
  
  994b2b4c379ed73230918e98ed79b1f0ba8581ca813ae7282d8b6d6baec29ca78b4a69cf49ce929b729772e84612286f7b942376c60685e5f57fa81f131ca82a
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+dPIC:5Zv5PDwbjNrmAE+NIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer