Overview

overview

10

Static

static

10

GOTMYTOKENUBITCH.exe

windows7-x64

10

GOTMYTOKENUBITCH.exe

windows10-2004-x64

10

Resubmissions

14-10-2024 17:11

241014-vqawzawdph 10

14-10-2024 13:55

241014-q8h8vaycpf 10

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-10-2024 13:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GOTMYTOKENUBITCH.exe

  • Size

    78KB

  • MD5

    83ec3285fa604df1fd383515831f6d94

  • SHA1

    79de32233f2e64785273df5ea74b1a262f5c08b0

  • SHA256

    85b3bc882b829679c4fcba10c9d95bf754b6fcd63ae06e842c5f737ed27bfe57

  • SHA512

    e848b16d1e92d5236c9f003345266d5cc95f33c03187974928fec7b66a8c957b6eba59c710ffcfe21cccf1ac100b820d4634f154494f4b32a7f743b70bf6c38c

  • SSDEEP

    1536:r2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+DPIC:rZv5PDwbjNrmAE+bIC

Score
10/10
discordratpersistenceratrootkitstealer

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTI5Mjg0MzMwMDQ3ODI1NTIxMA.Grp0nq.IltV2goLIM_c10bpfATLRoFvn6NwJdH5SZVh-

  • server_id

    1295375629696634901

Signatures

  • Discord RAT

    A RAT written in C# using Discord as a C2.

    stealerrootkitratpersistencediscordrat
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\GOTMYTOKENUBITCH.exe
    "C:\Users\Admin\AppData\Local\Temp\GOTMYTOKENUBITCH.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/844-0-0x00007FF91EF03000-0x00007FF91EF05000-memory.dmp

    Filesize

    8KB

    Download

  • memory/844-1-0x000001ED6CC10000-0x000001ED6CC28000-memory.dmp

    Filesize

    96KB

    Download

  • memory/844-2-0x000001ED6F260000-0x000001ED6F422000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/844-3-0x00007FF91EF00000-0x00007FF91F9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/844-4-0x000001ED6FA60000-0x000001ED6FF88000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/844-5-0x00007FF91EF03000-0x00007FF91EF05000-memory.dmp

    Filesize

    8KB

    Download

  • memory/844-6-0x00007FF91EF00000-0x00007FF91F9C1000-memory.dmp

    Filesize

    10.8MB

    Download