discordrat | 5f037f6aa2a4f018d462a0b636bbce9ee0c5df16e2d4a7535e0b0539c19ef772 | Triage

Sharing

General

Target

Yizzymenu3.PNMu_O27.5.0.exe.part
Size

78KB
Sample

241017-3kqn8ssgmh
MD5

1c89810efb6940a313a1c4fe4dc0becf
SHA1

c24f3be128e54d65bc4a0307c2b6b7fe15a7ef02
SHA256

5f037f6aa2a4f018d462a0b636bbce9ee0c5df16e2d4a7535e0b0539c19ef772
SHA512

c4f92971ef66215b415a7d3c1de433dbec63c9f9d9e26c8822b3dc2041939e9a95c72f80274d3995d452a4567ca208cc8434fe6ce0c65af5c443860f12138eac
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+hPIC:5Zv5PDwbjNrmAE+xIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI5NDg3MDQ2MDkzMjI5Njg0Ng.GN6Nk1.90eLf8IhopBLV0mFSsHaYOzQGeDi8ASxB0uhPo
server_id
1294871305002160199

Targets

- Target
  
  Yizzymenu3.PNMu_O27.5.0.exe.part
- Size
  
  78KB
- MD5
  
  1c89810efb6940a313a1c4fe4dc0becf
- SHA1
  
  c24f3be128e54d65bc4a0307c2b6b7fe15a7ef02
- SHA256
  
  5f037f6aa2a4f018d462a0b636bbce9ee0c5df16e2d4a7535e0b0539c19ef772
- SHA512
  
  c4f92971ef66215b415a7d3c1de433dbec63c9f9d9e26c8822b3dc2041939e9a95c72f80274d3995d452a4567ca208cc8434fe6ce0c65af5c443860f12138eac
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+hPIC:5Zv5PDwbjNrmAE+xIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer