discordrat | d38d52777b043c46f4f241c8a1eeda0d08b12505e25a8c1a397510a2ef4a56df | Triage

Sharing

General

Target

ImageLoggerV11.exe
Size

78KB
Sample

241018-srv77atfmf
MD5

d47e60cdf412679d941d7b856de3c03b
SHA1

cf691f86748de092b9cc53e7b8dea2bbf93b5882
SHA256

d38d52777b043c46f4f241c8a1eeda0d08b12505e25a8c1a397510a2ef4a56df
SHA512

930dee3eaafbd97ca4f0e532232dd335924951cc15dc7869f7202b21906ad5648d77f98668020ea504462aecad268b61b47c1235e35c07ee5cfb0de227bf7498
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+IPIC:5Zv5PDwbjNrmAE+MIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI4MjMzMjU4Njg1MjYxODMxMw.GVoFcd.wdWPIpLUemPy5G5hca2UTsOqgZ9t0eCcUCVik8
server_id
1282332626874794170

Targets

- Target
  
  ImageLoggerV11.exe
- Size
  
  78KB
- MD5
  
  d47e60cdf412679d941d7b856de3c03b
- SHA1
  
  cf691f86748de092b9cc53e7b8dea2bbf93b5882
- SHA256
  
  d38d52777b043c46f4f241c8a1eeda0d08b12505e25a8c1a397510a2ef4a56df
- SHA512
  
  930dee3eaafbd97ca4f0e532232dd335924951cc15dc7869f7202b21906ad5648d77f98668020ea504462aecad268b61b47c1235e35c07ee5cfb0de227bf7498
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+IPIC:5Zv5PDwbjNrmAE+MIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer