General
-
Target
ArtizSpoofer.exe
-
Size
754KB
-
Sample
241101-12t2watrgw
-
MD5
6acfea45476f3c8275adecfb6149c1eb
-
SHA1
ad1aefa00af182291a6245f55b4d5caf8481c890
-
SHA256
c286dd7d49f77c6eac8f71f0a05100952267daba14f6822f45fa09e1a0d8689d
-
SHA512
71fa16fcd8cafe8a601bdfbd900124e8532f5e9786952470fe774ab7a87ca97c0010f85a2c1fe2b207d268c9be8eaefe43db08bf355370e5c7a27e82c32c4e34
-
SSDEEP
12288:oyveQB/fTHIGaPkKEYzURNAgbAgxuWPO+FODpYck9uG00GVPK0AXP9Iv:ouDXTIGaPhEYzUzAkjP50DpYL9Phpk
Malware Config
Extracted
discordrat
-
discord_token
MTI4NzQ1MjcyODY5OTkxMjIzOA.Gs-HVT.Zxew5iX3Vp5r6QkGj4lVI3c5zxWxLk-pCrIn2U
-
server_id
1287817970042667099
Targets
-
-
Target
ArtizSpoofer.exe
-
Size
754KB
-
MD5
6acfea45476f3c8275adecfb6149c1eb
-
SHA1
ad1aefa00af182291a6245f55b4d5caf8481c890
-
SHA256
c286dd7d49f77c6eac8f71f0a05100952267daba14f6822f45fa09e1a0d8689d
-
SHA512
71fa16fcd8cafe8a601bdfbd900124e8532f5e9786952470fe774ab7a87ca97c0010f85a2c1fe2b207d268c9be8eaefe43db08bf355370e5c7a27e82c32c4e34
-
SSDEEP
12288:oyveQB/fTHIGaPkKEYzURNAgbAgxuWPO+FODpYck9uG00GVPK0AXP9Iv:ouDXTIGaPhEYzUzAkjP50DpYL9Phpk
Score10/10-
Discord RAT
A RAT written in C# using Discord as a C2.
-
Discordrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-