discordrat | 24de35651f2bd8ec4c45e912a6a988571593d7c751a946ca8bf2011a03ddb2a2 | Triage

Submit
Reports

Overview

overview

Static

static

1

source_prepared.html

windows11-21h2-x64

Sharing

General

Target

source_prepared.rar
Size

8KB
Sample

240805-jrcw6svalf
MD5

8e4e73201c7bfe283ce5920a0c9c49bf
SHA1

cc593df77fd5e6a4ecb08073f36760c525e31abf
SHA256

24de35651f2bd8ec4c45e912a6a988571593d7c751a946ca8bf2011a03ddb2a2
SHA512

be73f2ac8dc3e5565d315500ec1a14de1b7668a083d8b99aae9148f992badc1fbbff5ccece270dbb6db36ec211e4f3417892c4dfe8f35e6657876b2c0d6859ac
SSDEEP

192:gHQs+W13+IQZBftX24VtAFkWDzQK3zLf5nPiLElc2Db1:gHQs+O3+nZBftmWInzX4Elc2Db1

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Static task

static1

Behavioral task

behavioral1

Sample

source_prepared.html

Resource

win11-20240802-en

discordrat discovery persistence rat rootkit stealer

windows11-21h2-x64

17 signatures

1800 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2Njc1OTE2MzUzMTIzNTM2OA.G-SkgO.qg4E2E1OvIPfjMYw-hFLkrVx3slFID5ls7d0QY
server_id
1269916202600370308

Targets

- Target
  
  source_prepared.rar
- Size
  
  8KB
- MD5
  
  8e4e73201c7bfe283ce5920a0c9c49bf
- SHA1
  
  cc593df77fd5e6a4ecb08073f36760c525e31abf
- SHA256
  
  24de35651f2bd8ec4c45e912a6a988571593d7c751a946ca8bf2011a03ddb2a2
- SHA512
  
  be73f2ac8dc3e5565d315500ec1a14de1b7668a083d8b99aae9148f992badc1fbbff5ccece270dbb6db36ec211e4f3417892c4dfe8f35e6657876b2c0d6859ac
- SSDEEP
  
  192:gHQs+W13+IQZBftX24VtAFkWDzQK3zLf5nPiLElc2Db1:gHQs+O3+nZBftmWInzX4Elc2Db1
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer

© 2018-2025

Terms | Privacy