discordrat | f90669c7bcd467c792eab17dc8a329b23bafbebb35051b6a4462b3ee87f66316 | Triage

Resubmissions

29-06-2024 22:54

240629-2vtm7sydke 10

Sharing

General

Target

hey.txt
Size

118B
Sample

240629-2vtm7sydke
MD5

0133448e7470cd0c4243ec703b4cada4
SHA1

709195ac12c0af0853a451c9a98426f71e6b583a
SHA256

f90669c7bcd467c792eab17dc8a329b23bafbebb35051b6a4462b3ee87f66316
SHA512

9569ff406041a8eae14b2713f38cd9d42f9fd0a3e10b64aa3dd843898873edf2307782418b180b649f23335ddff0e141c053e19344c5f8a9d2abcce2a8c80310

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NjcyNDgxOTk0NTE5NzU3MA.GYJhy6.Km8cn1qtZGfDDPaCiMubtGhlUypWOcHVwmlioY
server_id
1256725681149182056

Targets

- Target
  
  hey.txt
- Size
  
  118B
- MD5
  
  0133448e7470cd0c4243ec703b4cada4
- SHA1
  
  709195ac12c0af0853a451c9a98426f71e6b583a
- SHA256
  
  f90669c7bcd467c792eab17dc8a329b23bafbebb35051b6a4462b3ee87f66316
- SHA512
  
  9569ff406041a8eae14b2713f38cd9d42f9fd0a3e10b64aa3dd843898873edf2307782418b180b649f23335ddff0e141c053e19344c5f8a9d2abcce2a8c80310
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discordratpersistenceratrootkitstealer