discordrat | 2ad64e8dfd8a9799ed6a456fa784d1884164eedcea268c910e72fe543891cef2 | Triage

Sharing

General

Target

RvcUserInterFace.exe
Size

78KB
Sample

240723-v7p28athpc
MD5

a93e4c430ad89942f59d9634116ea5c4
SHA1

9dd1419ca927a5e95e380f60693223b5fffbe89a
SHA256

2ad64e8dfd8a9799ed6a456fa784d1884164eedcea268c910e72fe543891cef2
SHA512

4d8420f7558f18be70544e8190b7e75f461c5401e8f1302e08431807232a10f821ebef7c318e8613aff37e7b739fb9a670903ae775a186dddcc82435b3ed0f59
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+pPIC:5Zv5PDwbjNrmAE+ZIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE4NTI0NTc2NjExNDEwMzM1Nw.Gat4VC.1CnS9_cPhmJgKcEV43-EZxZET1Cj3kAzip89cM
server_id
1178376627995037726

Targets

- Target
  
  RvcUserInterFace.exe
- Size
  
  78KB
- MD5
  
  a93e4c430ad89942f59d9634116ea5c4
- SHA1
  
  9dd1419ca927a5e95e380f60693223b5fffbe89a
- SHA256
  
  2ad64e8dfd8a9799ed6a456fa784d1884164eedcea268c910e72fe543891cef2
- SHA512
  
  4d8420f7558f18be70544e8190b7e75f461c5401e8f1302e08431807232a10f821ebef7c318e8613aff37e7b739fb9a670903ae775a186dddcc82435b3ed0f59
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+pPIC:5Zv5PDwbjNrmAE+ZIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer