discordrat | 1632d6243bbdace63217bad0951f5cf94eb1b3d11692f5a681f9476248015a8d | Triage

Submit
Reports

Overview

overview

Static

static

3

YaliMod.exe

windows10-1703-x64

Sharing

General

Target

YaliMod.exe
Size

503KB
Sample

240716-p93s7swglg
MD5

410fa0138a1dbe162066d3c05f8b7ca3
SHA1

53101738d627e81f95c4c4cf81c6563a307f0226
SHA256

1632d6243bbdace63217bad0951f5cf94eb1b3d11692f5a681f9476248015a8d
SHA512

266bd556ffa3af20e11654cabb1f19d2e6ca0227afb87ef63d2dbe01389a7f3f80b847281229680dc7b44bfa31c691789bcf95ee5b73c31a7f6faadff37d8303
SSDEEP

6144:M9j76xnImFZ1MmF8QTU/urSi38VoXM0qVoXM0n57XGY7wPQRC5uAiIOWO+oYKBIf:0jOtvHMm5xf8VomVoDkYU4RPAKP8J3P

Score

10^/10

discordrat persistence rat rootkit stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

YaliMod.exe

Resource

win10-20240404-en

discordrat persistence rat rootkit stealer

windows10-1703-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2MDk4NjU1ODQ4ODUxMDUyNQ.GhjU6O.gLCO4YDx_19-HQrbsTjHi1sZ2USHaMsZ0UaAr4
server_id
1260985342689939576

Targets

- Target
  
  YaliMod.exe
- Size
  
  503KB
- MD5
  
  410fa0138a1dbe162066d3c05f8b7ca3
- SHA1
  
  53101738d627e81f95c4c4cf81c6563a307f0226
- SHA256
  
  1632d6243bbdace63217bad0951f5cf94eb1b3d11692f5a681f9476248015a8d
- SHA512
  
  266bd556ffa3af20e11654cabb1f19d2e6ca0227afb87ef63d2dbe01389a7f3f80b847281229680dc7b44bfa31c691789bcf95ee5b73c31a7f6faadff37d8303
- SSDEEP
  
  6144:M9j76xnImFZ1MmF8QTU/urSi38VoXM0qVoXM0n57XGY7wPQRC5uAiIOWO+oYKBIf:0jOtvHMm5xf8VomVoDkYU4RPAKP8J3P
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

© 2018-2024

Terms | Privacy