discordrat | ae77dfa2d9cf1b4d2a8a6d9ec02534a389d41ae52930724aaf6611d7b510e6c9 | Triage

Submit
Reports

Overview

overview

Static

static

3

catalyst mapper.exe

windows10-2004-x64

Sharing

General

Target

catalyst mapper.exe
Size

75KB
Sample

240806-a7z7zaxgnb
MD5

107d71e92ff83fa8d051bc6b55bf6cf2
SHA1

53f75a688187ba0af9a1ef8233f99a8698ee8872
SHA256

ae77dfa2d9cf1b4d2a8a6d9ec02534a389d41ae52930724aaf6611d7b510e6c9
SHA512

2da422b599a0e80f52eee68136a9826fc12436fd10a614f5d30c1706a12c5a4b94d67034957f829fe3a84adb32d120ca1b71923ad73aa7d290a308a4c55e339e
SSDEEP

768:q82U3ydQEeFDdBc7gz3BE0btciNnA69g4lm:IUXVFAkz3BJbtlB3m

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

catalyst mapper.exe

Resource

win10v2004-20240802-en

discordrat discovery persistence rat rootkit stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1NjMyMjA1MjI4NjA1ODU4MQ.GXaTOL.L1Bde1kmFmXuyZ3LK4kGy4Ab9YhMt8b3KUVyNU
server_id
1174076539189612677

Targets

- Target
  
  catalyst mapper.exe
- Size
  
  75KB
- MD5
  
  107d71e92ff83fa8d051bc6b55bf6cf2
- SHA1
  
  53f75a688187ba0af9a1ef8233f99a8698ee8872
- SHA256
  
  ae77dfa2d9cf1b4d2a8a6d9ec02534a389d41ae52930724aaf6611d7b510e6c9
- SHA512
  
  2da422b599a0e80f52eee68136a9826fc12436fd10a614f5d30c1706a12c5a4b94d67034957f829fe3a84adb32d120ca1b71923ad73aa7d290a308a4c55e339e
- SSDEEP
  
  768:q82U3ydQEeFDdBc7gz3BE0btciNnA69g4lm:IUXVFAkz3BJbtlB3m
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer

© 2018-2025

Terms | Privacy