discordrat | b725618b2c8bc35e25fa786ec258fe3c27aec84b18e455d00aa16b4ed62be6c5 | Triage

Sharing

General

Target

file
Size

312KB
Sample

240715-c5h7sathlm
MD5

88b581d4bef9fbf7eeb967bc441afd15
SHA1

908a9cbb5e146715c270b2a60618ac485e52073b
SHA256

b725618b2c8bc35e25fa786ec258fe3c27aec84b18e455d00aa16b4ed62be6c5
SHA512

0b99c995992c49ed3a75397df2e29d2c902aa85e8faed8e21a02d026238f30e94edf6a4a02e8198316be1eebfc1f077eeafe05236678aaff657dc4e9e245d981
SSDEEP

3072:LiggAkHnjPIQ6KSEc/HHaPaW+LN7DxRLlzglKAVARk:LgAkHnjPIQBSEi6PCN7jBAVARk

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2MjE4MzU5NjU1MTE4MDQwMg.Gzy3x9.RZIwVThFyDF6ranz-qVbm6lG_FO19_NJuZ4LiM
server_id
1262179245837258894

Targets

- Target
  
  file
- Size
  
  312KB
- MD5
  
  88b581d4bef9fbf7eeb967bc441afd15
- SHA1
  
  908a9cbb5e146715c270b2a60618ac485e52073b
- SHA256
  
  b725618b2c8bc35e25fa786ec258fe3c27aec84b18e455d00aa16b4ed62be6c5
- SHA512
  
  0b99c995992c49ed3a75397df2e29d2c902aa85e8faed8e21a02d026238f30e94edf6a4a02e8198316be1eebfc1f077eeafe05236678aaff657dc4e9e245d981
- SSDEEP
  
  3072:LiggAkHnjPIQ6KSEc/HHaPaW+LN7DxRLlzglKAVARk:LgAkHnjPIQBSEi6PCN7jBAVARk
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer