discordrat | 2e1b2c22442cbe77792a684fa7ebec8a39209f7692932cd4907491e3c11bbcd5 | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

241206-2axt5axkan
MD5

aac08a029a463c92792d3318f4d21658
SHA1

691b4e016e9d14fec5e9de17300dcea40f642b33
SHA256

2e1b2c22442cbe77792a684fa7ebec8a39209f7692932cd4907491e3c11bbcd5
SHA512

7990389fe25a42822db4bd64d3770f1be2845f93f8a56ab4f04ca8e100ffdf2b62bddf5ca4f3396dbe0a0375b59d77a10d32a6d0cf419f2242d73efd1550e841
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+DPIC:5Zv5PDwbjNrmAE+bIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2ODI5MjQyNjQxODg4NDY4OQ.G62YET.J8LTC1RMCP6kuOE27RdetjQRLSaa95z8ZyFo5c
server_id
1267314157796069408

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  aac08a029a463c92792d3318f4d21658
- SHA1
  
  691b4e016e9d14fec5e9de17300dcea40f642b33
- SHA256
  
  2e1b2c22442cbe77792a684fa7ebec8a39209f7692932cd4907491e3c11bbcd5
- SHA512
  
  7990389fe25a42822db4bd64d3770f1be2845f93f8a56ab4f04ca8e100ffdf2b62bddf5ca4f3396dbe0a0375b59d77a10d32a6d0cf419f2242d73efd1550e841
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+DPIC:5Zv5PDwbjNrmAE+bIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer