discordrat | 097413e6718d4137d1c5d6373dff3c1275e297416e48bd1de2a26115d19d0a01 | Triage

Sharing

General

Target

cheat.exe
Size

88KB
Sample

240721-qw72fasena
MD5

a98dbae8957909fe8473f3fc87cc004e
SHA1

e8d7943e1b09f33c0066504dc89174429e0decfd
SHA256

097413e6718d4137d1c5d6373dff3c1275e297416e48bd1de2a26115d19d0a01
SHA512

89d62e3541d777a3b7c181fbfcfca3ff3ccd8368fc49e2d6ee964415c285ae140c693bc2fb94109fee121d19be2c1ad27633dac896dd6b1673a64dca42f5088d
SSDEEP

1536:x+2MeT1KWKE55WGMb1PpT+PWXjsnUToZbcNr1+uexCxoKV6+fNGOtOJK:xd7K9S5WGePZVjsnaoZbcNr1+bSNxtOM

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2NDU3NjcxNjE5MDM4ODMwNA.GpIbGF.K6DwbwuTOkE9RNx3unenrnY5Hc4a8t36roOLZw
server_id
1264576524019830834

Targets

- Target
  
  cheat.exe
- Size
  
  88KB
- MD5
  
  a98dbae8957909fe8473f3fc87cc004e
- SHA1
  
  e8d7943e1b09f33c0066504dc89174429e0decfd
- SHA256
  
  097413e6718d4137d1c5d6373dff3c1275e297416e48bd1de2a26115d19d0a01
- SHA512
  
  89d62e3541d777a3b7c181fbfcfca3ff3ccd8368fc49e2d6ee964415c285ae140c693bc2fb94109fee121d19be2c1ad27633dac896dd6b1673a64dca42f5088d
- SSDEEP
  
  1536:x+2MeT1KWKE55WGMb1PpT+PWXjsnUToZbcNr1+uexCxoKV6+fNGOtOJK:xd7K9S5WGePZVjsnaoZbcNr1+bSNxtOM
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer