discordrat | 489b67c5ae9c6c162cec6c92a5aad5d92e946c413f845fd0614938bbfba37d4c | Triage

Sharing

General

Target

file
Size

312KB
Sample

240731-wp1lns1ejb
MD5

65bf1cc8610b6f00c795aa82a5c117ae
SHA1

53ee2e56c4d4f5a9a437d8582f394bba4589d1b4
SHA256

489b67c5ae9c6c162cec6c92a5aad5d92e946c413f845fd0614938bbfba37d4c
SHA512

abc1f1c0d0ad912635569e316d6aa8e0b1928c11d93487e5b54e248f29024e2e868e058ee531b515b98632dc80b14d9637f701a59833764294e589b2254c24d4
SSDEEP

3072:0iTgAkHnjPIQ6KSEc/NHCPaW+LN7DxRLlzglKlVszk:PgAkHnjPIQBSEoiPCN7jBlVszk

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1MDExOTQ0MDQwMjQ4NTMzMA.Ge_nb9.bOZ6uIVIsB-r7_5Obut7NbrQdA-19MP5qhjASM
server_id
1250120668813594766

Targets

- Target
  
  file
- Size
  
  312KB
- MD5
  
  65bf1cc8610b6f00c795aa82a5c117ae
- SHA1
  
  53ee2e56c4d4f5a9a437d8582f394bba4589d1b4
- SHA256
  
  489b67c5ae9c6c162cec6c92a5aad5d92e946c413f845fd0614938bbfba37d4c
- SHA512
  
  abc1f1c0d0ad912635569e316d6aa8e0b1928c11d93487e5b54e248f29024e2e868e058ee531b515b98632dc80b14d9637f701a59833764294e589b2254c24d4
- SSDEEP
  
  3072:0iTgAkHnjPIQ6KSEc/NHCPaW+LN7DxRLlzglKlVszk:PgAkHnjPIQBSEoiPCN7jBlVszk
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer