discordrat | d2ca967b6093ef03d38960444b4a9d9e30f332bc7ed86920096ea2310f32392e | Triage

Sharing

General

Target

NitroGenV3.rar
Size

26KB
Sample

241129-tvwtkavpax
MD5

292500ec750fddce7adfc0f8a9eb6c37
SHA1

38bb7ede05cb5e59231ad00ef2aee3031b8ce9a4
SHA256

d2ca967b6093ef03d38960444b4a9d9e30f332bc7ed86920096ea2310f32392e
SHA512

24d9cfa98da9196b25b930ff793c81de9f3f746c806ce3b618010ac820bb4ff84562fa19244c3c64494b089d1149ad21444c173bb1e7dee16c5c6878298deeb7
SSDEEP

768:3sxlp39QDgU2y47hmTmu0A66GItHfmiSvVyUdx+/I:cXpNQkUWtmTmu96jk+/v5d8I

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE5Njg1MDA0NzU2NDkxNDcxOA.GrJUg1.lgWsOKN3lnatoZgt8R8bNns8frpVGolFi2OtF8
server_id
1196851278773485601

Targets

- Target
  
  NitroGenV3.exe
- Size
  
  78KB
- MD5
  
  508bbb8bf4efac317cfd1d9532bdebfe
- SHA1
  
  a145b6ab1d5543097ca09c7b936d532f718bc087
- SHA256
  
  1fd008d0c903210ebb97f0c7d15a2b03bbe28e5fc3ac296e5482f6926e3ee17e
- SHA512
  
  7e3dd45677be1df9c8c8a6e65e75454a9798eddaf8a6eb2db8207fe4f6e99378a7e87e5d8ee23dae403854aa19c0122ed97668567909cd60db6f6d1f376036f4
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+hPIC:5Zv5PDwbjNrmAE+xIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer