discordrat | d8509ebf7284c41de1216b477c77b639a071cb34757695e45f92e8014b5afb32 | Triage

Resubmissions

12-12-2024 20:14

241212-yz7tvawmfy 10

11-12-2024 09:37

241211-llymssxjfz 10

Sharing

General

Target

MegamiBootstrapper.rar
Size

26KB
Sample

241211-llymssxjfz
MD5

1762a31deaa49270c860a2bb4bb7db5f
SHA1

caac4114c20075fe8730b9e1da84ac77eed3c022
SHA256

d8509ebf7284c41de1216b477c77b639a071cb34757695e45f92e8014b5afb32
SHA512

1e3d10c110c5858db7a4add49d83dee3f981cab91536c8876ea477963e51e32c318f88ace64881065276a016d7bb2b9618e34f2f53bf68b6cc244eba9a23bb3b
SSDEEP

384:T9YI/BNY0xjvRF8tmA2MXnd2F/v1gkRi5510OjvH+lAR0PpAH3dI6drmpJSMWE:TqgcA5CtmA2cd2FmhJGM0RAXaMrmKY

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMxNjMwNDYxNDMzMjgyNTYxMA.GfkKyi.futKLbxb-b4NGCE9C3S0QF42BNSIJ4UKJomCTY
server_id
1316299088035315712

Targets

- Target
  
  Megami Bootstrapper/Megami Tensai/Bootstrapper.exe
- Size
  
  78KB
- MD5
  
  ffd62c8367d0e9a94754d30b539375ba
- SHA1
  
  277ffd73105ff10e76925bde564847fe00417dbe
- SHA256
  
  fc4f75bd9d94a5079beada7947d2993ba793d9adb0499300362d4974641e160c
- SHA512
  
  122943f96bb9ef431eba70c6c5e7ea83234256021fc8f69a6e4d48bd1e8ab1f21d5bb0892d15d00139e87a95d9866429c8df59a6b87127f84039789ffa3702b5
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+VPIC:5Zv5PDwbjNrmAE+FIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer