discordrat | 49431d16d5c1384e92208d781930ec5432e5ee0e9500b3deb04e8d049bde8004 | Triage

Sharing

General

Target

yoyoyo.rar
Size

26KB
Sample

240731-v2a14szdrc
MD5

8e10bf12b0d7bba32cca32fccbd11924
SHA1

9ca7ffbd98a432a233c4351fd1db37bec7412a8e
SHA256

49431d16d5c1384e92208d781930ec5432e5ee0e9500b3deb04e8d049bde8004
SHA512

a02884dc5972876059dd91cb348ff442eaceffffae34ceeb942877ecc94a1ce281d87da211ebfe0284d98e6d0a82d018060a70c2444f4e4d00f0cae44e9b172a
SSDEEP

768:5VePiRwPl0r9POuIlAit2EyW/B3D+2Y7jvEDkkyQfk:SqGPl0r9POu9iTBzUPvEQ

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIwMjY3MzUxMzE2OTk1Mjc3OA.Gu9wgS.PCZlKcej2h_eKO95DtjS7vHNamqu0hmMKxPwY0
server_id
1202682799371591720

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  c83965c4b6f314fbd83ee56161f7962a
- SHA1
  
  0aa62755f09a3641b376d976efc1202786b65869
- SHA256
  
  7e190c48347e8e9c2d243c4536f1653a1e86976d24c7cc8a63a75db199f17ff4
- SHA512
  
  36b70bd32ed81ae32eaadc6c68de2bd90c252e6b06e6379df53a2e47566fe880dafdd84b365620f47b6a7dc5edcc5bc7c707841980b5cfe0275d7c495079f3e1
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+8PIC:5Zv5PDwbjNrmAE+wIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer