discordrat | 2aef08f79aaeb1372074b1e00665dcd4d684da64678d9afdf1c475b9604ea7a4 | Triage

Sharing

General

Target

1029384756.exe
Size

6.2MB
Sample

240929-z39naa1cll
MD5

ff249060a98b9585eb011927c21bbf8e
SHA1

30cd2132d599fa50f53683d3c0d5a88c52f2b121
SHA256

2aef08f79aaeb1372074b1e00665dcd4d684da64678d9afdf1c475b9604ea7a4
SHA512

2d252af848934457d0b570a0d17381f83d67b3e22e845b4f295db410c978aa6d498a33844f3fc047b0b4f9b07f4cadeae0a147c04d92e4073a631423ac82aa7b
SSDEEP

196608:8QIML+4Y3yWU6fyzXVarvBWumtSlyZ20r6zYvGqpWs12:vIML+4Y3yWUgEumAWmzYvGJ

Score

10^/10

discordrat defense_evasion discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI4OTU5MTU3OTc0NDY2NTYwMQ.GeVN_G.B9uH1vpClVyq73820fXzo5z7HFsuew0uArUTHU
server_id
1289604307905413142

Targets

- Target
  
  1029384756.exe
- Size
  
  6.2MB
- MD5
  
  ff249060a98b9585eb011927c21bbf8e
- SHA1
  
  30cd2132d599fa50f53683d3c0d5a88c52f2b121
- SHA256
  
  2aef08f79aaeb1372074b1e00665dcd4d684da64678d9afdf1c475b9604ea7a4
- SHA512
  
  2d252af848934457d0b570a0d17381f83d67b3e22e845b4f295db410c978aa6d498a33844f3fc047b0b4f9b07f4cadeae0a147c04d92e4073a631423ac82aa7b
- SSDEEP
  
  196608:8QIML+4Y3yWU6fyzXVarvBWumtSlyZ20r6zYvGqpWs12:vIML+4Y3yWUgEumAWmzYvGJ
Score

10^/10

discordrat defense_evasion discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdefense_evasiondiscoverypersistenceratrootkitstealer