discordrat | 4c8e733771f1fa36c2607d319954f2f811b8690861ef556947e78c5540e98021 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240704-kfgxessekp
MD5

47e27fe6c24d12e2a430ba5954110af8
SHA1

dd2b8be1df875fd0ad4ae8fa0cd154b220744461
SHA256

4c8e733771f1fa36c2607d319954f2f811b8690861ef556947e78c5540e98021
SHA512

655539eb993cb59bff8937b2e21e699ad01fa39f0f605708559afee01a0f6d35c7d99d7d03cc2eb44e691bb4851fa7d140838016fe006f74a20e4569a196de2c
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+4PIC:5Zv5PDwbjNrmAE+cIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NTUzNzM1MTgwMzgwMTYwNA.Gaum03.OIWIumUQ6-odVL7pZDOGnAoFrwedhUBhG-Lngk
server_id
1255536373763539074

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  47e27fe6c24d12e2a430ba5954110af8
- SHA1
  
  dd2b8be1df875fd0ad4ae8fa0cd154b220744461
- SHA256
  
  4c8e733771f1fa36c2607d319954f2f811b8690861ef556947e78c5540e98021
- SHA512
  
  655539eb993cb59bff8937b2e21e699ad01fa39f0f605708559afee01a0f6d35c7d99d7d03cc2eb44e691bb4851fa7d140838016fe006f74a20e4569a196de2c
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+4PIC:5Zv5PDwbjNrmAE+cIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer