discordrat | 98dd156638016b0abfb53a44dba4e8452b9b57bd0d9093c9995e88a9c6c7d750 | Triage

Sharing

General

Target

DoomedWorld.exe
Size

78KB
Sample

240703-3c1jgataqg
MD5

8121de3645a1421d72afa83c8791951c
SHA1

9654de88957f4995899bfbf5ab2eedbbe95be12f
SHA256

98dd156638016b0abfb53a44dba4e8452b9b57bd0d9093c9995e88a9c6c7d750
SHA512

d75f84fb3330105af2feaa98a8352ad68a473bce22e848fea99a9b6cd0818199d786d3955e6960730074c05c1df23b5ca664dcc22bf8bf9553a1cb07a78a49df
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+gPIC:5Zv5PDwbjNrmAE+EIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NzAyMzI2NzMzNjc0OTExMA.GRRCqL.-hOLG_NYwHg-QndfQvaNfpmA9h6WqvK4pkfIS8
server_id
1257024430513848503

Targets

- Target
  
  DoomedWorld.exe
- Size
  
  78KB
- MD5
  
  8121de3645a1421d72afa83c8791951c
- SHA1
  
  9654de88957f4995899bfbf5ab2eedbbe95be12f
- SHA256
  
  98dd156638016b0abfb53a44dba4e8452b9b57bd0d9093c9995e88a9c6c7d750
- SHA512
  
  d75f84fb3330105af2feaa98a8352ad68a473bce22e848fea99a9b6cd0818199d786d3955e6960730074c05c1df23b5ca664dcc22bf8bf9553a1cb07a78a49df
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+gPIC:5Zv5PDwbjNrmAE+EIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer