discordrat | 448e897662ae0cf14374b154d77075380919d7935d8308ac59adfbd9412a4b45 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240721-s3jnjavbne
MD5

d65a8fc11186b7b181bc211fdd1bd757
SHA1

293040e335403b967eef1874846efb2409beb400
SHA256

448e897662ae0cf14374b154d77075380919d7935d8308ac59adfbd9412a4b45
SHA512

bda0ac0a2084b84631b284056de413e33403bd3ecfa26d90e83ad9a48a27382a021d26d5e3849c1f4cdcdadcaeff9a3aa82a976e8755616a77c41267c1fc7698
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+KPIC:5Zv5PDwbjNrmAE+WIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2NDYwNjUxMTYxMTY0MjA1OQ.GmewvR.jGkNnywXbAQWrz3UUsFdrokdaBnp-Z4FgZ7qkI
server_id
1264606440098631681

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  d65a8fc11186b7b181bc211fdd1bd757
- SHA1
  
  293040e335403b967eef1874846efb2409beb400
- SHA256
  
  448e897662ae0cf14374b154d77075380919d7935d8308ac59adfbd9412a4b45
- SHA512
  
  bda0ac0a2084b84631b284056de413e33403bd3ecfa26d90e83ad9a48a27382a021d26d5e3849c1f4cdcdadcaeff9a3aa82a976e8755616a77c41267c1fc7698
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+KPIC:5Zv5PDwbjNrmAE+WIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer