Overview

overview

10

Static

static

3

Prueba.exe

windows10-ltsc 2021-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Prueba.exe

  • Size

    734KB

  • Sample

    241205-b4bkwaxndj

  • MD5

    ead9eecb8544f43316a2b9858c490ceb

  • SHA1

    3b6cb5c897b50b0d62f10db989675c7ea2604a40

  • SHA256

    595c782002f8bbe8fda1355c083d09fce66cc9a31b88e9e7716bb1813f722c46

  • SHA512

    ada72914c385c704a4c4ac02801a829cf4598a904d38832c1c08ed01b9caa05646e3c11eaa4d0e51ab6caf27b5acc4a19e745547f2fda0ec1090a6a8c2c472d7

  • SSDEEP

    12288:eCQjgAtAHM+vetZxF5EWry8AJGy0yHCWUepOgAL34UYkCesk/tI2M2:e5ZWs+OZVEWry8AFBBUguYMM2

Score
10/10
discordratpersistenceratrootkitstealer

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTIyMDE2MzY5NjExMDczNTUwMg.GWK3b8.OVQi1yFkuDO7tIvLreocpCuzyJku7czce0poHo

  • server_id

    1145666332986191892

Targets

    • Target

      Prueba.exe

    • Size

      734KB

    • MD5

      ead9eecb8544f43316a2b9858c490ceb

    • SHA1

      3b6cb5c897b50b0d62f10db989675c7ea2604a40

    • SHA256

      595c782002f8bbe8fda1355c083d09fce66cc9a31b88e9e7716bb1813f722c46

    • SHA512

      ada72914c385c704a4c4ac02801a829cf4598a904d38832c1c08ed01b9caa05646e3c11eaa4d0e51ab6caf27b5acc4a19e745547f2fda0ec1090a6a8c2c472d7

    • SSDEEP

      12288:eCQjgAtAHM+vetZxF5EWry8AJGy0yHCWUepOgAL34UYkCesk/tI2M2:e5ZWs+OZVEWry8AFBBUguYMM2

    Score
    10/10
    discordratpersistenceratrootkitstealer

    • Discord RAT

      A RAT written in C# using Discord as a C2.

      stealerrootkitratpersistencediscordrat

    • Discordrat family

      discordrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks