Analysis
max time kernel: 63s
max time network: 64s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 21-11-2024 21:52
Behavioral task: behavioral1
Sample: Client-built.exe
Resource: win10v2004-20241007-en, windows10-2004-x64
3 signatures
150 seconds
General
Target: Client-built.exe
Size: 78KB
MD5: fddc15228128cda4a0f9c08021120ef5
SHA1: 48e2c79ed22db8dac4193fc805347921c1fc1b58
SHA256: 9fa12cb31372f18bc50dbdcdd6f4762ee70f31e0aaea388982a9d3e690db4c10
SHA512: 59e05c1dde0cbb6d0c9851948cb1e3bd22577ba4d516668ce21449537d94844996c839d2e21692537b276d96a13cf626d019117dcc94d9d5fa6fc733f3bed805
SSDEEP: 1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+vPIC:5Zv5PDwbjNrmAE+XIC
Score: 10/10
Malware Config
Extracted
Family: discordrat
Attributes
discord_token:
MTMwOTE3MjAyNzkwMjM5NDQyMg.GIC5i6.qynLbLpEV6yFan9O40eYgKc8Uo5ZcYtNSNfLtA
server_id: 1309172409353637929
Signatures
Discord RAT: A RAT written in C# using Discord as a C2.
Discordrat family
Suspicious use of AdjustPrivilegeToken (1 IoCs)
  description               pid   Process
  Token: SeDebugPrivilege   1736  Client-built.exe