hxxps://cdn[.]discordapp[.]com/attachments/1278788721273082049/1278788759931977778/RAT_Builder[.]jar?ex=66d56017&is=66d40e97&hm=3b2994e0eb3875bbc3de2605ba0ccf0f7026b18970e2800e3baa88c29d77f8a3&hxxps://dischord[.]com/api/webhooks/1278707372017057842/Xpss5RTpUweBMWZnAS5nsbEWz77hlT2OCYmDMd3mWLBLXIdbleySDumReMhMmISP55Lk | Triage

Resubmissions

01/09/2024, 13:01

240901-p9j14a1dqq 7

01/09/2024, 12:57

240901-p7ects1dmm 7

Sharing

Copy URL Twitter E-mail

General

Target

https://cdn.discordapp.com/attachments/1278788721273082049/1278788759931977778/RAT_Builder.jar?ex=66d56017&is=66d40e97&hm=3b2994e0eb3875bbc3de2605ba0ccf0f7026b18970e2800e3baa88c29d77f8a3&https://dischord.com/api/webhooks/1278707372017057842/Xpss5RTpUweBMWZnAS5nsbEWz77hlT2OCYmDMd3mWLBLXIdbleySDumReMhMmISP55Lk
Sample

240901-p7ects1dmm

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  https://cdn.discordapp.com/attachments/1278788721273082049/1278788759931977778/RAT_Builder.jar?ex=66d56017&is=66d40e97&hm=3b2994e0eb3875bbc3de2605ba0ccf0f7026b18970e2800e3baa88c29d77f8a3&https://dischord.com/api/webhooks/1278707372017057842/Xpss5RTpUweBMWZnAS5nsbEWz77hlT2OCYmDMd3mWLBLXIdbleySDumReMhMmISP55Lk
Score

7^/10

discovery persistence
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

discoverypersistence