discordrat | ba16769e14928fcfbf992b64097ae2e6d8f2bdbc19845a3f59e3962d605af6b8 | Triage

Sharing

General

Target

startUp.exe
Size

78KB
Sample

240815-jfexds1hpe
MD5

3c54c63429b0d1fd270d4de8483abb35
SHA1

7ba250d75e359298456f3935c1f03b72fed86a23
SHA256

ba16769e14928fcfbf992b64097ae2e6d8f2bdbc19845a3f59e3962d605af6b8
SHA512

d155f34bcb646513476dc375a37866979b1a863cc46e6043206f5d3d5fe84c52530e436da4a9ccceb9641e20c654080cb1db1d06290f9213cc2134dc22d875c5
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+UPIC:5Zv5PDwbjNrmAE+IIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE5MTM5MjgwNTUxNjQ3NjQyNg.Gl3kkb.usaX-42FrcQ6J-kIDoZduTOOAdWSZQA8Gv_RsQ
server_id
1270003925323481189

Targets

- Target
  
  startUp.exe
- Size
  
  78KB
- MD5
  
  3c54c63429b0d1fd270d4de8483abb35
- SHA1
  
  7ba250d75e359298456f3935c1f03b72fed86a23
- SHA256
  
  ba16769e14928fcfbf992b64097ae2e6d8f2bdbc19845a3f59e3962d605af6b8
- SHA512
  
  d155f34bcb646513476dc375a37866979b1a863cc46e6043206f5d3d5fe84c52530e436da4a9ccceb9641e20c654080cb1db1d06290f9213cc2134dc22d875c5
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+UPIC:5Zv5PDwbjNrmAE+IIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer