discordrat | a951913d185f6d17a9914d5dc323120e2515a89e36ec8c3e76e8f65266c72a1c | Triage

Sharing

General

Target

coalie_Bootstrapper (1).exe
Size

78KB
Sample

241010-b9srcatgpf
MD5

dd58b694ac477dd7d287d71851d72daf
SHA1

ed4fc96bdb8b937a2d4ac63e44b939de693da166
SHA256

a951913d185f6d17a9914d5dc323120e2515a89e36ec8c3e76e8f65266c72a1c
SHA512

eb9823326ec23411c4204e2e46317745237bdaa081bab1841243dc9ba14298ccf130a5494c426435b51a7cbb533018e5731525e23b2388b7eb90bdd04603aa14
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+YPIC:5Zv5PDwbjNrmAE+8IC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI5MzY4MTEyNTMyMjkyMDAyMg.Gdnf8n.qp5LydNzseDz9myc10SgS4lIBm-8sUwQ5sqEZY
server_id
1293094628500832319

Targets

- Target
  
  coalie_Bootstrapper (1).exe
- Size
  
  78KB
- MD5
  
  dd58b694ac477dd7d287d71851d72daf
- SHA1
  
  ed4fc96bdb8b937a2d4ac63e44b939de693da166
- SHA256
  
  a951913d185f6d17a9914d5dc323120e2515a89e36ec8c3e76e8f65266c72a1c
- SHA512
  
  eb9823326ec23411c4204e2e46317745237bdaa081bab1841243dc9ba14298ccf130a5494c426435b51a7cbb533018e5731525e23b2388b7eb90bdd04603aa14
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+YPIC:5Zv5PDwbjNrmAE+8IC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer