discordrat | b641c2c1f10291df1213af47cf128b7ca4ce5baf92b2317ab755e26c1931e891 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240701-yk1f8aweja
MD5

71615c448d91b38e6c79501617f0951a
SHA1

7cdf1781bf14f42f7da282c8e064bf0c5696936e
SHA256

b641c2c1f10291df1213af47cf128b7ca4ce5baf92b2317ab755e26c1931e891
SHA512

4faa1b5e8bdadb755c619cfd29fb52846e5f3b340f2229b15f1a705abe8141f7fde8404bd66619d0f021bf2b6cd1c4839a0dcc166e552a42ecc76e8bfa137775
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+/PIC:5Zv5PDwbjNrmAE+HIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NzQyMTIyNjU0NTExOTM0Mw.GYn_sW.cr5q2u4iDBWn7sS6SNZb2hHyn0ylsGSM2jv36g
server_id
1255584878544551968

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  71615c448d91b38e6c79501617f0951a
- SHA1
  
  7cdf1781bf14f42f7da282c8e064bf0c5696936e
- SHA256
  
  b641c2c1f10291df1213af47cf128b7ca4ce5baf92b2317ab755e26c1931e891
- SHA512
  
  4faa1b5e8bdadb755c619cfd29fb52846e5f3b340f2229b15f1a705abe8141f7fde8404bd66619d0f021bf2b6cd1c4839a0dcc166e552a42ecc76e8bfa137775
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+/PIC:5Zv5PDwbjNrmAE+HIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer