discordrat | ba6cef0aab977a4f4fc7e91d257205cc99634002b5f4f2a7ad7fcd41a9ec52f9 | Triage

Sharing

General

Target

backdoor.zip
Size

28KB
Sample

240629-ta5wqs1ajh
MD5

677fda28bde5300380f3360d04e3a4b4
SHA1

402ca87da9dc8c46d24932e1a31a667dc32d3f5b
SHA256

ba6cef0aab977a4f4fc7e91d257205cc99634002b5f4f2a7ad7fcd41a9ec52f9
SHA512

0aab4f21fd8d7b023137b40815d99fd2c60e6b35844e32976f5bbbf0377b5c595165eb4da035039c5a4fbc26c65111ff639abb8a9b289672675639bdadc56097
SSDEEP

768:t5lz6yZDgr9OtA8dozi25tT7VPVgvDBnW:td2rk25Z2DBnW

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIzNTY0ODQ4NjI5MzM3Mjk0OA.GawiEy.JlM1vJUWlJwIzz8HRFWqauqv72ly3Fb8B_Rxtc
server_id
1235649426538758245

Targets

- Target
  
  backdoor.exe
- Size
  
  78KB
- MD5
  
  e171e60b87329f0d0b505fac4ed4a4b7
- SHA1
  
  235df53c9dd99f010d110e94bc8de5a868a208f0
- SHA256
  
  cf194b811a46dbd3fd51b4ab88ff7659ef3a13b603e5c244c2cbdc994f80457c
- SHA512
  
  c32c1d43318117bb3aff56f1b3d3f9f0d804f621439b386470de25566a09adbc99d8cf3e73e32517317fdfeb4a5b0c961060b4409ae97b42bdf7b9a4b1febd18
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+lPIC:5Zv5PDwbjNrmAE+1IC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer