discordrat | ec705050788da27ba95d24a7193bba431a2c269e76a8d43de1fc7fc4de49a833 | Triage

Submit
Reports

Overview

overview

Static

static

WinSysUpdater.exe

windows11-21h2-x64

Sharing

General

Target

WinSysUpdater.bat
Size

78KB
Sample

241104-ty4zcatcpp
MD5

3a7ba5dc9dc4440dfda51f6b896bf8d4
SHA1

e9b9929636b6956123d9c5e3b97e794c34ee144d
SHA256

ec705050788da27ba95d24a7193bba431a2c269e76a8d43de1fc7fc4de49a833
SHA512

9f53d5798955422148461c375cbc5eed9c84be71576fb93e0a07c3a0a5c35e89608d248d2c516903a0fce8b79106042b0046147dd6f13cafdcd86928219e766c
SSDEEP

1536:c2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+6PIm:cZv5PDwbjNrmAE+mIm

Score

10^/10

discordrat persistence rat rootkit stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

WinSysUpdater.exe

Resource

win11-20241007-en

discordrat persistence rat rootkit stealer

windows11-21h2-x64

13 signatures

1800 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMwMjgzMDcxMjAxNzM4NzU3Mg.GyQnUS.SxpKuBXZ9K_mg_8_GUInFqHsiwyeBPIua6YOAA
server_id
1302293783269867540

Targets

- Target
  
  WinSysUpdater.bat
- Size
  
  78KB
- MD5
  
  3a7ba5dc9dc4440dfda51f6b896bf8d4
- SHA1
  
  e9b9929636b6956123d9c5e3b97e794c34ee144d
- SHA256
  
  ec705050788da27ba95d24a7193bba431a2c269e76a8d43de1fc7fc4de49a833
- SHA512
  
  9f53d5798955422148461c375cbc5eed9c84be71576fb93e0a07c3a0a5c35e89608d248d2c516903a0fce8b79106042b0046147dd6f13cafdcd86928219e766c
- SSDEEP
  
  1536:c2WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+6PIm:cZv5PDwbjNrmAE+mIm
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

© 2018-2024

Terms | Privacy