discordrat | 10bd36dfb4925ddfaee7db512b7817221de4d368e5f1a942a840daca7ee4d471 | Triage

Sharing

General

Target

Optimizer.exe
Size

90KB
Sample

241205-vggyxszkar
MD5

f5403c35a45544ab22366678ba545300
SHA1

fa97dc6335393ecb5fa5a1a4486bc046928cab3f
SHA256

10bd36dfb4925ddfaee7db512b7817221de4d368e5f1a942a840daca7ee4d471
SHA512

1dd35b0740be1e67d6d0ce9612d7715d7b93ab256f15fe5b246a95d428d1529e80b734aebe97885924f909628b88dedcf5734d2771e2770178e57ab40ad5e77f
SSDEEP

1536:TbPjt72uOFmYskRPUAqtBTldwX0bpAkAfLgbGNrx+uexCxoKV6+fBOh:njtyuOFpskpgBTlukQgbGNrx+bSBS

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMxNDI3MzAzODM0NjM1NDg4OQ.GerhzH.p3xm93fNXhu50VVCX6HxIEAGe1ONaL8JVAXBGw
server_id
1314272379903414344

Targets

- Target
  
  Optimizer.exe
- Size
  
  90KB
- MD5
  
  f5403c35a45544ab22366678ba545300
- SHA1
  
  fa97dc6335393ecb5fa5a1a4486bc046928cab3f
- SHA256
  
  10bd36dfb4925ddfaee7db512b7817221de4d368e5f1a942a840daca7ee4d471
- SHA512
  
  1dd35b0740be1e67d6d0ce9612d7715d7b93ab256f15fe5b246a95d428d1529e80b734aebe97885924f909628b88dedcf5734d2771e2770178e57ab40ad5e77f
- SSDEEP
  
  1536:TbPjt72uOFmYskRPUAqtBTldwX0bpAkAfLgbGNrx+uexCxoKV6+fBOh:njtyuOFpskpgBTlukQgbGNrx+bSBS
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer