discordrat | a71ca59eaebc49cc831700a9835fd7f1028cdb4ac1410e74b7a51b46cff01c3f | Triage

Submit
Reports

Overview

overview

Static

static

1

OmeTV-Loading.mp4

windows10-2004-x64

Sharing

General

Target

OmeTV-Loading.mp4
Size

16.7MB
Sample

240930-s3ve2ashjr
MD5

ab395e124b59af38ca0096278d1e6b71
SHA1

0befcefb23156e955fa4cdb5283e008e570ed643
SHA256

a71ca59eaebc49cc831700a9835fd7f1028cdb4ac1410e74b7a51b46cff01c3f
SHA512

029966b2db1ffd735ccfbd17ec06e19d34f63db2aa91f8df77aa6df69e5318a9cc820fc52f84f2837bd2e557c47d7865df4aaa364070f0f34c752a5a85a2601c
SSDEEP

393216:RYzCryzVBDKU84xCCepH/hdB7cLNpAde0wLhmDjExj:RYmryzVBE53dYMv80M1

Score

10^/10

discordrat discovery motw persistence phishing rat rootkit stealer

Static task

static1

Behavioral task

behavioral1

Sample

OmeTV-Loading.mp4

Resource

win10v2004-20240802-en

discordrat discovery motw persistence phishing rat rootkit stealer

windows10-2004-x64

20 signatures

1800 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI5MDMzNzg3MDMxMzI5NTkyNg.GBPjDG.gaLsW55T8B4V8KGD5_L2qphf5IRxNpBLK1eRyA
server_id
1290337683041685594

Targets

- Target
  
  OmeTV-Loading.mp4
- Size
  
  16.7MB
- MD5
  
  ab395e124b59af38ca0096278d1e6b71
- SHA1
  
  0befcefb23156e955fa4cdb5283e008e570ed643
- SHA256
  
  a71ca59eaebc49cc831700a9835fd7f1028cdb4ac1410e74b7a51b46cff01c3f
- SHA512
  
  029966b2db1ffd735ccfbd17ec06e19d34f63db2aa91f8df77aa6df69e5318a9cc820fc52f84f2837bd2e557c47d7865df4aaa364070f0f34c752a5a85a2601c
- SSDEEP
  
  393216:RYzCryzVBDKU84xCCepH/hdB7cLNpAde0wLhmDjExj:RYmryzVBE53dYMv80M1
Score

10^/10

discordrat discovery motw persistence phishing rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Mark of the Web detected: This indicates that the page was originally saved or cloned.
  phishing motw
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverymotwpersistencephishingratrootkitstealer

© 2018-2025

Terms | Privacy