discordrat | 132a57ab50e5d15698b9a99929d0f118cad13f7353eb723daa41e1b853354476 | Triage

Sharing

General

Target

Discord Token Grabber.exe
Size

78KB
Sample

240810-s68f3azflg
MD5

38801e10701a6f739024f8e0c7f96d5b
SHA1

264f13f2dd1a5c0a6c680d1f5f590c346547b2fe
SHA256

132a57ab50e5d15698b9a99929d0f118cad13f7353eb723daa41e1b853354476
SHA512

e234044d480e02d99c80a24d50846ec8c870411da2ac725f30309783bc8be589c5bcea70fc43f44db402cf73a63f9a562963107e3367b3090ffda438e567dc8c
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+NPIC:5Zv5PDwbjNrmAE+dIC

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTIwMTE2OTIzMjM0MDE4OTIxNA.Gys-q1.tKKJx97VdW_Z7GSgMrKzoWfeRvK3AWWfcSFxhc
server_id
1201170015383191592

Targets

- Target
  
  Discord Token Grabber.exe
- Size
  
  78KB
- MD5
  
  38801e10701a6f739024f8e0c7f96d5b
- SHA1
  
  264f13f2dd1a5c0a6c680d1f5f590c346547b2fe
- SHA256
  
  132a57ab50e5d15698b9a99929d0f118cad13f7353eb723daa41e1b853354476
- SHA512
  
  e234044d480e02d99c80a24d50846ec8c870411da2ac725f30309783bc8be589c5bcea70fc43f44db402cf73a63f9a562963107e3367b3090ffda438e567dc8c
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+NPIC:5Zv5PDwbjNrmAE+dIC
Score

10^/10

discordrat persistence rat rootkit stealer discovery
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratdiscoverypersistenceratrootkitstealer