General

  • Target

    HackerTool.exe

  • Size

    78KB

  • Sample

    240703-24y92s1bqn

  • MD5

    700cbe7842075702ba7a814135377cba

  • SHA1

    afc4dae81fdcd51e6cfba4df93b95473019db51d

  • SHA256

    aca13de69b970f10357414fc04b9d424e3ec91d46c48dcf23244309e6994de24

  • SHA512

    1a364f96ee78c3e83ec4a9e9a88d070a67fa55cbc4f3e2e5a99f2c4f5d933abee9f98f5537d56159a57771d82e78a19a1b14e1a52002d2420783cfafde59de11

  • SSDEEP

    1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+LPIC:5Zv5PDwbjNrmAE+jIC

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTI1Nzk1NzI4ODU0MzUyMjk0OA.GIpluZ.fDKYKipS9PVq4yhIAizQmTyDwK5kQQ8ux_PrHQ

  • server_id

    1257954812113190942

Targets

    • Target

      HackerTool.exe

    • Size

      78KB

    • MD5

      700cbe7842075702ba7a814135377cba

    • SHA1

      afc4dae81fdcd51e6cfba4df93b95473019db51d

    • SHA256

      aca13de69b970f10357414fc04b9d424e3ec91d46c48dcf23244309e6994de24

    • SHA512

      1a364f96ee78c3e83ec4a9e9a88d070a67fa55cbc4f3e2e5a99f2c4f5d933abee9f98f5537d56159a57771d82e78a19a1b14e1a52002d2420783cfafde59de11

    • SSDEEP

      1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+LPIC:5Zv5PDwbjNrmAE+jIC

    • Discord RAT

      A RAT written in C# using Discord as a C2.

    • Downloads MZ/PE file

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.