discordrat | 6a3c2a04386259822063ba445c6cba3daa75f2aab94d4056787f4805943fa951 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

241003-aesx7atgqn
MD5

01d829655fc09f794cd08c4d37b69b2f
SHA1

cafe5939025dd3b807c14d10ac35940e92531cf0
SHA256

6a3c2a04386259822063ba445c6cba3daa75f2aab94d4056787f4805943fa951
SHA512

1bfcf52bc7bda5c3b40707cd1b22bce013a3f131e1182ce7aa0370e870f05b9ad59c431e7f0873fbe483fb049baca52fd87921da2fb4e7a260b24a49cc23808e
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+CPIC:5Zv5PDwbjNrmAE+uIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2NTQwMTQ0Mjg3MzkwNTIwNA.GdG07u.WGgqlcXqbbG3zgltKXA6zqbUVzT4CyIcohro10
server_id
1259978633213382748

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  01d829655fc09f794cd08c4d37b69b2f
- SHA1
  
  cafe5939025dd3b807c14d10ac35940e92531cf0
- SHA256
  
  6a3c2a04386259822063ba445c6cba3daa75f2aab94d4056787f4805943fa951
- SHA512
  
  1bfcf52bc7bda5c3b40707cd1b22bce013a3f131e1182ce7aa0370e870f05b9ad59c431e7f0873fbe483fb049baca52fd87921da2fb4e7a260b24a49cc23808e
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+CPIC:5Zv5PDwbjNrmAE+uIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer