Overview

overview

10

Static

static

10

Client-built.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Client-built.exe

  • Size

    78KB

  • Sample

    241019-d2k3msvare

  • MD5

    8500fa817aaf7bd8f5dcfbdd4349113c

  • SHA1

    adf69021bccf0b921054733e150a50d6ceddcf38

  • SHA256

    3646da9cc1bc925b19c4201d42dffe7b081b6ef669df4640afe6906b75255e97

  • SHA512

    d06dcee6600cbaf568816f63dc33d05e35309a5ef5a2bb3628191db7a86890720aeda79e3b50bb2a7fc0ce050730a0d154d9fe849ec98303e4d483f3edd11d44

  • SSDEEP

    1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+oPIC:5Zv5PDwbjNrmAE+sIC

Score
10/10
discordratevasionpersistenceratrootkitspywarestealer

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTI5NzAyNTkxODU0Nzc5MTk1Mw.GCZwQh.vmOtb2lv8_CvB7LE33XNynsJYJxp3cni1mBINY

  • server_id

    1297025877313585163

Targets

    • Target

      Client-built.exe

    • Size

      78KB

    • MD5

      8500fa817aaf7bd8f5dcfbdd4349113c

    • SHA1

      adf69021bccf0b921054733e150a50d6ceddcf38

    • SHA256

      3646da9cc1bc925b19c4201d42dffe7b081b6ef669df4640afe6906b75255e97

    • SHA512

      d06dcee6600cbaf568816f63dc33d05e35309a5ef5a2bb3628191db7a86890720aeda79e3b50bb2a7fc0ce050730a0d154d9fe849ec98303e4d483f3edd11d44

    • SSDEEP

      1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+oPIC:5Zv5PDwbjNrmAE+sIC

    Score
    10/10
    discordratevasionpersistenceratrootkitspywarestealer

    • Discord RAT

      A RAT written in C# using Discord as a C2.

      stealerrootkitratpersistencediscordrat

    • Disables Task Manager via registry modification

      evasion

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks