discordrat | 9905bca893c593653c9e0ce81d7c3210e72e2ff0aa4ee8add2acb8b232588d2c | Triage

Submit
Reports

Overview

overview

Static

static

ezyzip.zip

windows10-1703-x64

Sharing

General

Target

ezyzip.zip
Size

444KB
Sample

241015-p5ewkszblm
MD5

97d6d15d4a781914c9f43aea5a1dec81
SHA1

da259b67f2ab08a096d905f3eccf1d329d38d958
SHA256

9905bca893c593653c9e0ce81d7c3210e72e2ff0aa4ee8add2acb8b232588d2c
SHA512

25720508072b8f3d31a9f40cd950c35c3a284a7bf30d82f75256b6c7f597b78d5ec5d8fb378733b327c9f01007ff4deea2aaa80888cac17ddc3e7a54bc2eec27
SSDEEP

12288:4ThcCVRKuZih6p8mbIhq/6mwI6rim6CaStHub+wZKUGJ6PaS:4ThcCVR1Zihgk3mwrtHxiCYPaS

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ezyzip.zip

Resource

win10-20240404-en

discordrat discovery persistence rat rootkit stealer

windows10-1703-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  ezyzip.zip
- Size
  
  444KB
- MD5
  
  97d6d15d4a781914c9f43aea5a1dec81
- SHA1
  
  da259b67f2ab08a096d905f3eccf1d329d38d958
- SHA256
  
  9905bca893c593653c9e0ce81d7c3210e72e2ff0aa4ee8add2acb8b232588d2c
- SHA512
  
  25720508072b8f3d31a9f40cd950c35c3a284a7bf30d82f75256b6c7f597b78d5ec5d8fb378733b327c9f01007ff4deea2aaa80888cac17ddc3e7a54bc2eec27
- SSDEEP
  
  12288:4ThcCVRKuZih6p8mbIhq/6mwI6rim6CaStHub+wZKUGJ6PaS:4ThcCVR1Zihgk3mwrtHxiCYPaS
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer

© 2018-2025

Terms | Privacy