Overview

overview

10

Static

static

10

Discord rat.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Discord rat.exe

  • Size

    90KB

  • Sample

    241123-q3jx7awjhx

  • MD5

    d74728a955861daf303ff42c7f572d16

  • SHA1

    a73b4d871a4caec1700349de9b5f7dbf4ba59f7b

  • SHA256

    1f3b8599d811004b6d52d543e451555944c3c4dc2893d04a370a0874e99c82af

  • SHA512

    73c271de7061e53b91079636d99f1967ce922bf47c14539569b2f0f3a9b6628bc4cc1fd9a7d7cb1e10bdfc95c8ce49e0a0f3a815cf5810f44a5c2b35ba116e69

  • SSDEEP

    1536:ibPjt72uOFmYskRPUAqtBTldwX0bpAkAfLgbGNrk+uexCxoKV6+fEX85:EjtyuOFpskpgBTlukQgbGNrk+bSEXQ

Score
10/10
discordratpersistenceratrootkitspywarestealer

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTMwOTg3NTA0MzA1MTg5Njk1NA.GTR-3U.C7tazMXoRaSR--tVDMbQdoDKBw2f8bLXItZIRo

  • server_id

    1309876526615101530

Targets

    • Target

      Discord rat.exe

    • Size

      90KB

    • MD5

      d74728a955861daf303ff42c7f572d16

    • SHA1

      a73b4d871a4caec1700349de9b5f7dbf4ba59f7b

    • SHA256

      1f3b8599d811004b6d52d543e451555944c3c4dc2893d04a370a0874e99c82af

    • SHA512

      73c271de7061e53b91079636d99f1967ce922bf47c14539569b2f0f3a9b6628bc4cc1fd9a7d7cb1e10bdfc95c8ce49e0a0f3a815cf5810f44a5c2b35ba116e69

    • SSDEEP

      1536:ibPjt72uOFmYskRPUAqtBTldwX0bpAkAfLgbGNrk+uexCxoKV6+fEX85:EjtyuOFpskpgBTlukQgbGNrk+bSEXQ

    Score
    10/10
    discordratpersistenceratrootkitspywarestealer

    • Discord RAT

      A RAT written in C# using Discord as a C2.

      stealerrootkitratpersistencediscordrat

    • Discordrat family

      discordrat

    • Downloads MZ/PE file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks