discordrat | 7bc23223c8f81d70c230ceac3deb05670e9778974fd285b8cae1e693c2367de4 | Triage

Sharing

General

Target

DontBearWithCheaters (1).rar
Size

1.0MB
Sample

240818-pfbgvswekr
MD5

e31d8afc4e1c9ed4fa3ffdd525fb3049
SHA1

a8307cc941c7bcb45277e584444b280b44e4cd39
SHA256

7bc23223c8f81d70c230ceac3deb05670e9778974fd285b8cae1e693c2367de4
SHA512

d4435d623904ad044653dba8c315dabdc9bd50a0691c31b9f5a43d4896f82ea7d81953e96da66253fd1ac4352c0e6501ddc0a36b26ec6c5a2991bd1d2a65b431
SSDEEP

24576:LbeTRQDrR5Q9HkpZlKN6w3FdZN3NPcZykPOFY4gHnr:OTR+bQqlKN6wVdZ1NKPOxMr

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTEyMTQyMDgwMTYyNzkyMjU3Mw.G4jNQO.MglsuiS1ldNvX29tR2kywKn8IorYGQT7wUNojo
server_id
1271887603272122468

Targets

- Target
  
  DontBearWithCheaters/EasyCheating.exe
- Size
  
  50KB
- MD5
  
  a262aecc8e8dc29650ff5e11d7b3c276
- SHA1
  
  c6dc0c79fc0616fc7ba0d58e005bb2c62c9f8012
- SHA256
  
  5807ce4e87716a5bc909df73c563dd643da24a01704e15db6b6d638850c585ea
- SHA512
  
  993f6cb26939417567be9c739cba44553cd4b2e9d27d158031aafe6c7baa46b9b35e285b0a9294788d8d055b121be19d6f09f8f693f9eccaa06ad18804726b07
- SSDEEP
  
  768:Tmr2rBQ1wWOQgdSR8qKugZa3lbaxgGjX0/o9Bv60mifhhIZtWLqiO:qAwwFQgEBC03haxfk/G160XInWLY
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  DontBearWithCheaters/execution.dll
- Size
  
  1.3MB
- MD5
  
  c5f72cba67c646699f1eae560c68526e
- SHA1
  
  5878c0ee13aee3f6c9b2954c03ebfeb9fd2daeaa
- SHA256
  
  c9ca1b4914495015ff1c4987cef248df97c743242f5c498a1bd07786d508abdc
- SHA512
  
  de2ca2706f939ce659bbd5182c080716d0fb23f18a3a9e2e4c1a500dc6b42ec516b83dde565202243ff827e14ed5b7dc5f1c43b47224e00fa41976ff9443bb4f
- SSDEEP
  
  24576:dDTNKK87f4ZU2wWgRPcvtd5cqX0Inwpj4lHWALxycRy1g76yW6xnO:3nwl4l2ALNRyupxn
Score

1^/10
behavioral3 behavioral4
- Target
  
  DontBearWithCheaters/libcurl.dll
- Size
  
  557KB
- MD5
  
  ebdef0023633276984bddefb8531b54e
- SHA1
  
  ea61ce4624f76f79a73b6b563d7e23a7a8ea120e
- SHA256
  
  aa3453580c81509884f02063938ffd53a74a29cc74cba2b2562eb7de068b1dea
- SHA512
  
  0f9d2f809ae8c5b3a5fd360fd83c945896ceac247f7bb7fea2a53315fb8e4347f62a7849a689d896784f146c6bdffdc6e1a2d799d0bdce456f258daca3111f23
- SSDEEP
  
  12288:b/4zHAn7aOe5hR+e+VTXtz3m5+LIbaSzw50Gblq5NCpsO9:8zAn7aZB+BBz38aSzw50Gblq5Nm
Score

1^/10
behavioral5 behavioral6
- Target
  
  DontBearWithCheaters/xxhash.dll
- Size
  
  47KB
- MD5
  
  19081ff52c0c21e888c2795f42200215
- SHA1
  
  ef8528891c7250111cc3592baf162006f0607c7f
- SHA256
  
  f291117a848583a74bd0546511715a293a9b87d4c2a250bf431f98f1bb20de6c
- SHA512
  
  cfaa8c1ea5145870b88ef0b299d67e6f902cadfbbbab03d6843e1e65bdebe37ba463b200041c64bb191c5f907d559c2df52756290031d33876a79665ef31d3e4
- SSDEEP
  
  768:D1WkmhW508rbV9uoF6QV8nBT+RYOsYeZbK9DSPItsrXzhqcqOMLOC:D1aW5BrbuHbnBiGO9SbTISXzhqcqOMa
Score

1^/10
behavioral7 behavioral8
- Target
  
  DontBearWithCheaters/zlib1.dll
- Size
  
  88KB
- MD5
  
  e62e2a6c41a71792abf106543d20dd77
- SHA1
  
  f78d717115c894486ceada000a2199deb36c571a
- SHA256
  
  fdf95f94e604db0c8c23777fa3ca4dba84b8541074feeadd0d64be15b5f0e9ff
- SHA512
  
  d8042ececb6ff99264f2973c721367ad2bc81855a7e2278e532ef69be6709cfec86a132d0dd7d4ba8e3f2c544b990b8622032858ecc9f66f2f9a3a03bae1e3d2
- SSDEEP
  
  1536:9XrCl5V5lEwda1RnSbFfbpYwayRyivl9LlKIOcIOZ7yfXEEUnvfzG0Tgre:dcV5lEwUbShbpbaCpv9YSZ7wXEEUnnz3
Score

1^/10
behavioral10 behavioral9
- Target
  
  DontBearWithCheaters/zstd.dll
- Size
  
  638KB
- MD5
  
  a3ee06ae6058525909f3d956d298718d
- SHA1
  
  32f0788f36428dfa8f565f3884bd739d83f44f89
- SHA256
  
  cdccb1bf7fea582cc2d15a355e31d3b068418b097cebe3074ba61d3603fa6d27
- SHA512
  
  db891643bdbd676d77350143f1217d98e2e7ec4501b29be00634edce44eda49639ee663de86553abe02dccd4b4d0c53a1a9a9dfb7bf2e918367202ec598b388f
- SSDEEP
  
  6144:1qd76u2e8QuAkx7OT5evcME1Tk82zXtrwXgOTmkriCiaNFcuU2JmR/kXsXuQND9:04u2IuAWcMEgzXt8QCmZCiaAuUn
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12