discordrat | 0b724ef200f05af4c3bf9adaa4b31477e02dac5ef0fe677f88c83f65e458b91d | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

241016-p2l6gszgjf
MD5

beab68118509062b3d37611dfde20bb5
SHA1

ba1f34b8dfc18b6e026af27c79ae6bb1f6ad4891
SHA256

0b724ef200f05af4c3bf9adaa4b31477e02dac5ef0fe677f88c83f65e458b91d
SHA512

1d54acd950ffbacef086fb81ca984247bd28205dd6d6948ef9ae3c3d72d59a4cf5296acec0777860acc7c055ea5b5d5d61453052e0d969525e231034f04f3e4a
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+vPIC:5Zv5PDwbjNrmAE+XIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTAyMjUwODQxOTAzNjQ4Nzc3Mg.G_SgNV.8U64DWiJ17peXTz2s5VT3lVZ3cjNhtn4IR6HIY
server_id
1296087089737236512

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  beab68118509062b3d37611dfde20bb5
- SHA1
  
  ba1f34b8dfc18b6e026af27c79ae6bb1f6ad4891
- SHA256
  
  0b724ef200f05af4c3bf9adaa4b31477e02dac5ef0fe677f88c83f65e458b91d
- SHA512
  
  1d54acd950ffbacef086fb81ca984247bd28205dd6d6948ef9ae3c3d72d59a4cf5296acec0777860acc7c055ea5b5d5d61453052e0d969525e231034f04f3e4a
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+vPIC:5Zv5PDwbjNrmAE+XIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer