discordrat | 04d5724142b40885178926c95d5c7dae1a180209cbc428adf180f4bf7d10307a | Triage

Sharing

General

Target

Password_is_123.zip
Size

26KB
Sample

241009-w8seea1erp
MD5

85b85888f876c3bd52e15acb9155f940
SHA1

e1a1296b7f9b82ffa6c3675c87a5d5f4cc02dbbc
SHA256

04d5724142b40885178926c95d5c7dae1a180209cbc428adf180f4bf7d10307a
SHA512

690bdd8f14c9fd23a426c030a2ecae4173e0c2a81e025c6a5c681358f03577805e3b6e9bad92abdd61a0674914f75ab9d34bd1e4e612aff034396e97aecd55f0
SSDEEP

768:NMJeXbh9kWd+r1xnta1jZYhq+4901J+SMkQIm:DXbfkWd+rJcahq+4SJ+SMzIm

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI5Mjg0MzMwMDQ3ODI1NTIxMA.GOiMvF.buFAJ-8_QN7oxzDq-_ldj3Hz2f3za_ZGsizg8Y
server_id
1292843892663648317

Targets

- Target
  
  Setup.exe
- Size
  
  78KB
- MD5
  
  adbbd3611fcf6990d747036abd9bf4c4
- SHA1
  
  191132d7ee211e1ba11dbac2f74f71733c688f90
- SHA256
  
  d2ef967cf32ac7cb5d22c2921bb3e63ad81562b7df61de1bb94e6b71716c06d4
- SHA512
  
  bb6627d360141aca927d29fab4a6b6751ca47b0b08c8bd71bc991b330e74fb7ce4a03d5bed56b25405376aa4ee149989581652612f37a5024cc5c34b48b922c0
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+tPIC:5Zv5PDwbjNrmAE+9IC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer