discordrat | 95e5f46c36b28533bbf92f1a264dcc439aea1b0e030e360998e830b5b7036edf | Triage

Sharing

General

Target

DiscordHackerTools.exe
Size

90KB
Sample

240920-sydaystdlc
MD5

fdd2dbdc384cfcedf86537203b6ed986
SHA1

37f7f2ccc0f594445ccc1b846da2cf7885dfea6d
SHA256

95e5f46c36b28533bbf92f1a264dcc439aea1b0e030e360998e830b5b7036edf
SHA512

161d6524e73891b719c28b29e95734f30ace6e93771164faed3bdab689e59ef641e5645ee5c5d458518b5200f865dcc62ab4336b2f899bbcaef79cced0c6538c
SSDEEP

1536:sbPjt72uOFmYskRPUAqtBTldwr0bpAkA/rZgbGNra+uexCxoKV6+f2vH:ajtyuOFpskpgBTlugmgbGNra+bS2P

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI4NjY5NzM2MzA0OTY3NjgyMg.GXVoQY.9z4vKuRhM26WGS-YJsP0Qdv7XSkZ1mvw0jZ_4w
server_id
1286696321482489930

Targets

- Target
  
  DiscordHackerTools.exe
- Size
  
  90KB
- MD5
  
  fdd2dbdc384cfcedf86537203b6ed986
- SHA1
  
  37f7f2ccc0f594445ccc1b846da2cf7885dfea6d
- SHA256
  
  95e5f46c36b28533bbf92f1a264dcc439aea1b0e030e360998e830b5b7036edf
- SHA512
  
  161d6524e73891b719c28b29e95734f30ace6e93771164faed3bdab689e59ef641e5645ee5c5d458518b5200f865dcc62ab4336b2f899bbcaef79cced0c6538c
- SSDEEP
  
  1536:sbPjt72uOFmYskRPUAqtBTldwr0bpAkA/rZgbGNra+uexCxoKV6+f2vH:ajtyuOFpskpgBTlugmgbGNra+bS2P
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer