discordrat | f3c95406a944d9e6df35a8f17febaa00daf080fc478ca26013b76e97bc43908c | Triage

Submit
Reports

Overview

overview

Static

static

1

jbib_diff_...1).jpg

windows7-x64

jbib_diff_...1).jpg

windows10-2004-x64

4

Resubmissions

20-10-2024 17:14

241020-vrzayszdng 10

Sharing

General

Target

jbib_diff_000_a_uni(1).jpg
Size

190KB
Sample

241020-vrzayszdng
MD5

9c9920f764bd16a3635adb681698ae0f
SHA1

bc8d106d45957134b3d3f2791061f940769fe85c
SHA256

f3c95406a944d9e6df35a8f17febaa00daf080fc478ca26013b76e97bc43908c
SHA512

c1a327ce1555d6c44c4a03d0ccb6189d8b37b2ff8a18a9030d9b8daa35d76753696690545837e6a82d6cf118b74463a916fa541d34be41152a6d23d269a1f0a5
SSDEEP

3072:+Tvz3QK7a2n176IwNSERk687VUProJYkBVpeGUqHWryvAA:+TvDQK7Z176IwQL687ujsYk3pYryvZ

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Static task

static1

Behavioral task

behavioral1

Sample

jbib_diff_000_a_uni(1).jpg

Resource

win7-20240903-en

discordrat discovery persistence rat rootkit stealer

windows7-x64

15 signatures

1800 seconds

Behavioral task

behavioral2

Sample

jbib_diff_000_a_uni(1).jpg

Resource

win10v2004-20241007-en

windows10-2004-x64

10 signatures

1800 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI5NzU0NzA0Njg5MDI0MjEwMQ.GELWdh._OhSohtWqcFkY9fIpOvvLPodmbGBTyDLehr1Ho
server_id
1297609577092616285

Targets

- Target
  
  jbib_diff_000_a_uni(1).jpg
- Size
  
  190KB
- MD5
  
  9c9920f764bd16a3635adb681698ae0f
- SHA1
  
  bc8d106d45957134b3d3f2791061f940769fe85c
- SHA256
  
  f3c95406a944d9e6df35a8f17febaa00daf080fc478ca26013b76e97bc43908c
- SHA512
  
  c1a327ce1555d6c44c4a03d0ccb6189d8b37b2ff8a18a9030d9b8daa35d76753696690545837e6a82d6cf118b74463a916fa541d34be41152a6d23d269a1f0a5
- SSDEEP
  
  3072:+Tvz3QK7a2n176IwNSERk687VUProJYkBVpeGUqHWryvAA:+TvDQK7Z176IwQL687ujsYk3pYryvZ
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer

behavioral2

© 2018-2024

Terms | Privacy