discordrat | 10a806b3b91bce876937c1f705b91153f5fdc91c88fe442dfd0ae6f06e26a9cb | Triage

Resubmissions

13-07-2024 02:33

240713-c188easakp 10

13-07-2024 02:29

240713-cyqchsthke 10

13-07-2024 02:23

240713-cvk9ds1glm 10

Sharing

General

Target

5oP2ak
Size

508B
Sample

240713-cvk9ds1glm
MD5

db55c0a45c78e31108711e01515a26d0
SHA1

667d59c73d995076e9e3566ad0acab62b81ebde8
SHA256

10a806b3b91bce876937c1f705b91153f5fdc91c88fe442dfd0ae6f06e26a9cb
SHA512

35e4645768d3534a5f9cd845b5d78718dc19e62aa2edaf53041d6d3408b22e6e8d0071dc27e3eab3b64a8df79a12dee72a7aeef81a24ac83d292bafabf78bbb4

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2MTUwNzg2MDQwNDI0MDQ3Nw.GPTmkZ.fQqxoTPbMZFYQzKwSwVzPNhm6dVtzE-3yd0BSw
server_id
MTI2MTUwNzg2MDQwNDI0MDQ3Nw.GPTmkZ.fQqxoTPbMZFYQzKwSwVzPNhm6dVtzE-3yd0BSw

Targets

- Target
  
  5oP2ak
- Size
  
  508B
- MD5
  
  db55c0a45c78e31108711e01515a26d0
- SHA1
  
  667d59c73d995076e9e3566ad0acab62b81ebde8
- SHA256
  
  10a806b3b91bce876937c1f705b91153f5fdc91c88fe442dfd0ae6f06e26a9cb
- SHA512
  
  35e4645768d3534a5f9cd845b5d78718dc19e62aa2edaf53041d6d3408b22e6e8d0071dc27e3eab3b64a8df79a12dee72a7aeef81a24ac83d292bafabf78bbb4
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer