discordrat | 2ceab55fdcc8bee3e400ef8c6e7a122069b7048e23f6e5df4f09ae3a81708c92 | Triage

Sharing

General

Target

2ceab55fdcc8bee3e400ef8c6e7a122069b7048e23f6e5df4f09ae3a81708c92N
Size

78KB
Sample

241023-c3cbfsyemm
MD5

d344b357082279bbc8e663f5973e1aa0
SHA1

5ff3177049fda1d971ed640490e3d330c2966b3e
SHA256

2ceab55fdcc8bee3e400ef8c6e7a122069b7048e23f6e5df4f09ae3a81708c92
SHA512

b661449236b4b3d54955e76fc22715ad059b13ccdd226a852102c7cb9ff35f79607749422e27cf3f6f8cf7a69e34ec2215998cfa3601d271f958b13658f21b53
SSDEEP

1536:d2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+ZPIu:dZv5PDwbjNrmAE+pIu

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI4OTEwMTg2MzU4NDY2NTYzMg.GD-6LB.yiM8zkzK4aXylYFCUOlYXkhR7BZO-tseW-TfWI
server_id
1289102386337681470

Targets

- Target
  
  2ceab55fdcc8bee3e400ef8c6e7a122069b7048e23f6e5df4f09ae3a81708c92N
- Size
  
  78KB
- MD5
  
  d344b357082279bbc8e663f5973e1aa0
- SHA1
  
  5ff3177049fda1d971ed640490e3d330c2966b3e
- SHA256
  
  2ceab55fdcc8bee3e400ef8c6e7a122069b7048e23f6e5df4f09ae3a81708c92
- SHA512
  
  b661449236b4b3d54955e76fc22715ad059b13ccdd226a852102c7cb9ff35f79607749422e27cf3f6f8cf7a69e34ec2215998cfa3601d271f958b13658f21b53
- SSDEEP
  
  1536:d2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+ZPIu:dZv5PDwbjNrmAE+pIu
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer