discordrat | a0bcb2876aec1eb2173e2f49c3cc1548ce04f38a593ed04d24ff0e3045c0faf6 | Triage

Resubmissions

05-09-2024 11:54

240905-n3d1tszemq 10

05-09-2024 11:46

240905-nxjzws1ard 10

Sharing

General

Target

Client-built.zip
Size

27KB
Sample

240905-nxjzws1ard
MD5

329cb7c0acd5d6f1f1f9150dd53e2554
SHA1

966bde197346e2cfb71a741cefb9b51e51d1ff12
SHA256

a0bcb2876aec1eb2173e2f49c3cc1548ce04f38a593ed04d24ff0e3045c0faf6
SHA512

c65cc24a4e7e138707e9f8640c7a74739263139b7a3920d10107b288931508c033812d0594a29efed02c49aa1d5cc714bfb19cdbd1aac87fcdabec76a1180e40
SSDEEP

768:7PgZMqAosIQkA9NEoCjfzJ+5RrvTFPbclyxYiWFj3S+:695YCjLJllyxYHzz

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI4MTE5OTI3Mzg3NDI5Njg2Mg.Go_Acr.HUIHPEQaWjoIWxj4Geox9QLBiEggb5zNfnhqSk
server_id
1276135122353131575

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  871ec39c515d1e6f6594696404868c50
- SHA1
  
  b93d20a7e926b1396be5ba887ae72cdc28cdc101
- SHA256
  
  37f79ef934775e7dbcd006be8c438435ffdd059ef4674cee8b988835f5ad2ae9
- SHA512
  
  bec7154db76b64ec6ef02164e6959664299ed54fa85d74d7a010d21f2e43e9bcf3b16f9c9fea4c8798325e5e0978d66803014e64342ffbac0cbc2745f7e399ea
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+M/PIC:5Zv5PDwbjNrmAE+MIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer