discordrat | 35d13505df0417e4336ca25dfa575e4164924cf1c4e4411a37e78c60ee49418f | Triage

Submit
Reports

Overview

overview

Static

static

Nitro File.exe

windows10-1703-x64

Nitro File.exe

windows10-2004-x64

Nitro File.exe

windows11-21h2-x64

Sharing

General

Target

Nitro File.exe
Size

209KB
Sample

240801-ldvk6stdjl
MD5

4be96138987493db3a2ffc7a53ccaed4
SHA1

585697465bf85c77f7abc74f707fa238bda203a0
SHA256

35d13505df0417e4336ca25dfa575e4164924cf1c4e4411a37e78c60ee49418f
SHA512

d0d7bc465dcbadccc52ed8b8d7a2eb80ebe23421bdc06dd56392b8caca1ae59671a9976f8af51b97bdef88093e49030ae8254573bec427b84d00da4a6b726f95
SSDEEP

1536:t2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+rPI3iJJGcTJPkm:tZv5PDwbjNrmAE+DI3iJJGcTlkm

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Nitro File.exe

Resource

win10-20240404-en

discordrat persistence rat rootkit stealer

windows10-1703-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

Nitro File.exe

Resource

win10v2004-20240730-en

discordrat persistence rat rootkit stealer

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

Nitro File.exe

Resource

win11-20240730-en

discordrat discovery persistence rat rootkit stealer

windows11-21h2-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE4ODAyMjM1Mjk0OTI4OTAxMQ.Gu2_uP.vLTi_dwhJzEADGTXokjHNmF5ED4bLR5HGYDIkE
server_id
1168062993934852176

Targets

- Target
  
  Nitro File.exe
- Size
  
  209KB
- MD5
  
  4be96138987493db3a2ffc7a53ccaed4
- SHA1
  
  585697465bf85c77f7abc74f707fa238bda203a0
- SHA256
  
  35d13505df0417e4336ca25dfa575e4164924cf1c4e4411a37e78c60ee49418f
- SHA512
  
  d0d7bc465dcbadccc52ed8b8d7a2eb80ebe23421bdc06dd56392b8caca1ae59671a9976f8af51b97bdef88093e49030ae8254573bec427b84d00da4a6b726f95
- SSDEEP
  
  1536:t2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+rPI3iJJGcTJPkm:tZv5PDwbjNrmAE+DI3iJJGcTlkm
Score

10^/10

discordrat persistence rat rootkit stealer discovery
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer

behavioral3

discordratdiscoverypersistenceratrootkitstealer

© 2018-2024

Terms | Privacy