discordrat | 111b13e86437a1715726c97a4cdca943c31d8eb7ce555d16e533ce6a730bd5c5 | Triage

Sharing

General

Target

PasteLoader.exe
Size

78KB
Sample

240705-f6ykmstcqm
MD5

cd6bf9256b0458097209c5a619139ac5
SHA1

d3573dcce7406e16420ba901be06b519c6b6e88e
SHA256

111b13e86437a1715726c97a4cdca943c31d8eb7ce555d16e533ce6a730bd5c5
SHA512

01bf9c0df4cfd631200b68067c4becea373b2d74ce809fefd6549d24db7fde11cb6e83b8f0f3704b84554d16267eb7f2de92a8a3c5af912746211231da6b46e2
SSDEEP

1536:wIQOI8S4zTMHFEOEGZefHeKrIX8amErwbjNrB+uexCroKV6+fd6:wIq8S4nMLeGKrIX8amcwbjNrB+xSd6

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTEzODk3NzE0NzIzMTQyNDUxMg.GLN9Vx.uY2JaATZMA6ZxDffSmpo3K467bAT1_uBeq8ZsI
server_id
1258562412324585592

Targets

- Target
  
  PasteLoader.exe
- Size
  
  78KB
- MD5
  
  cd6bf9256b0458097209c5a619139ac5
- SHA1
  
  d3573dcce7406e16420ba901be06b519c6b6e88e
- SHA256
  
  111b13e86437a1715726c97a4cdca943c31d8eb7ce555d16e533ce6a730bd5c5
- SHA512
  
  01bf9c0df4cfd631200b68067c4becea373b2d74ce809fefd6549d24db7fde11cb6e83b8f0f3704b84554d16267eb7f2de92a8a3c5af912746211231da6b46e2
- SSDEEP
  
  1536:wIQOI8S4zTMHFEOEGZefHeKrIX8amErwbjNrB+uexCroKV6+fd6:wIq8S4nMLeGKrIX8amcwbjNrB+xSd6
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer