discordrat | 7f669f2a98207908758a72625023ef4e4ca6aa6197dfcb2bd1b580276294200c | Triage

Resubmissions

17-08-2024 19:59

240817-yqjewsteqb 10

17-08-2024 19:57

240817-ypjn9stelf 10

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240817-ypjn9stelf
MD5

be70fc7b5dc5350d3f701b1eca041f38
SHA1

1a2fae030b1fcc86773582b9a4b52095bfeed54b
SHA256

7f669f2a98207908758a72625023ef4e4ca6aa6197dfcb2bd1b580276294200c
SHA512

3e0a9864dc199863c3b99a4472b2cf67f832e549f649a5a6b5fba3178b57374b352675206d1684050e362f09f424d654e64179223e52f4fb009df0a400a1d281
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+OPIC:5Zv5PDwbjNrmAE+qIC

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI3NDQ1MDY3MzU1NTIxMDM0Mg.GXswgG.zl5VBDf6LYYyIsAljT-fxtFvO3GhEEOcdHnkQ8
server_id
1274450852853321728

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  be70fc7b5dc5350d3f701b1eca041f38
- SHA1
  
  1a2fae030b1fcc86773582b9a4b52095bfeed54b
- SHA256
  
  7f669f2a98207908758a72625023ef4e4ca6aa6197dfcb2bd1b580276294200c
- SHA512
  
  3e0a9864dc199863c3b99a4472b2cf67f832e549f649a5a6b5fba3178b57374b352675206d1684050e362f09f424d654e64179223e52f4fb009df0a400a1d281
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+OPIC:5Zv5PDwbjNrmAE+qIC
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer