discordrat | 914b857e803c19670ce854ab164d5047ede50fca5c3dd66f50afafbfedb6c625 | Triage

Sharing

General

Target

Gamebattles_Credit_Adder.exe
Size

519KB
Sample

240801-pgv8nazfml
MD5

f5b1ed390659aa3f894a576ba49cc232
SHA1

fc26ae14db4fda8e4cba79315d2c3a296cbcc35a
SHA256

914b857e803c19670ce854ab164d5047ede50fca5c3dd66f50afafbfedb6c625
SHA512

6a5d054633baa4b088cd3d3d3c6b94ca1a1bc3494e970caba05b9bb2f783f1ba68372612b7c22a639d8e284f52578a078f0cc07a3abc00d2034a156e163e46e0
SSDEEP

6144:3DvO5hBFSeDMhto8S+L6SESUNLWBq9NWm9NXeAPs2tZE1OvZiqd3nxPnH0U+HM2f:TvOO5m4ISUAqLWsHpZuOvg23Z2HG/H

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
killer999

Extracted

Family

discordrat

Attributes

discord_token
https://discord.com/api/webhooks/1161788001135902741/ztxjwKAIu6KPaNbcXND5hC4MilU54lL_76bikPC1LMquEXQShGawLBLyZCTJXL0MKePS
server_id
1143900149777702913

Targets

- Target
  
  Gamebattles_Credit_Adder.exe
- Size
  
  519KB
- MD5
  
  f5b1ed390659aa3f894a576ba49cc232
- SHA1
  
  fc26ae14db4fda8e4cba79315d2c3a296cbcc35a
- SHA256
  
  914b857e803c19670ce854ab164d5047ede50fca5c3dd66f50afafbfedb6c625
- SHA512
  
  6a5d054633baa4b088cd3d3d3c6b94ca1a1bc3494e970caba05b9bb2f783f1ba68372612b7c22a639d8e284f52578a078f0cc07a3abc00d2034a156e163e46e0
- SSDEEP
  
  6144:3DvO5hBFSeDMhto8S+L6SESUNLWBq9NWm9NXeAPs2tZE1OvZiqd3nxPnH0U+HM2f:TvOO5m4ISUAqLWsHpZuOvg23Z2HG/H
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer