discordrat | 1e5a4524dab6f1e4125043a7cdcfb6874c32a0514941ec4a90211f53efeef058 | Triage

Sharing

General

Target

CODEX17.exe
Size

307KB
Sample

241211-rjq3tswkbz
MD5

53cc7337eed07bbbe0172f0b64bc6245
SHA1

9b0ac7e0eaffdb6ed8af1501939f40bd798f6be0
SHA256

1e5a4524dab6f1e4125043a7cdcfb6874c32a0514941ec4a90211f53efeef058
SHA512

ff2ec069d7877fdc646dfaaba4d9525ef71c04c93936accdd1bc1bfe9ab873ab27cceb9c2d34d25f3b3e6d4e6bb4ece707b797d2f5672d73583e21a361fb333d
SSDEEP

6144:m2EUicOFEG3AFDmDbpM6/XETGNNjyhRJNJC32XENQ8NvN:m2rOXTfpNg+

Score

10^/10

discordrat defense_evasion discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMwODQxMjQ0MjIyODk1MzIwMA.GV9W16.iYVXo71VO-dFm-6aOmZjrpuYUGqFHWVGtkvM5Q
server_id
1316071968298111026

Targets

- Target
  
  CODEX17.exe
- Size
  
  307KB
- MD5
  
  53cc7337eed07bbbe0172f0b64bc6245
- SHA1
  
  9b0ac7e0eaffdb6ed8af1501939f40bd798f6be0
- SHA256
  
  1e5a4524dab6f1e4125043a7cdcfb6874c32a0514941ec4a90211f53efeef058
- SHA512
  
  ff2ec069d7877fdc646dfaaba4d9525ef71c04c93936accdd1bc1bfe9ab873ab27cceb9c2d34d25f3b3e6d4e6bb4ece707b797d2f5672d73583e21a361fb333d
- SSDEEP
  
  6144:m2EUicOFEG3AFDmDbpM6/XETGNNjyhRJNJC32XENQ8NvN:m2rOXTfpNg+
Score

10^/10

discordrat defense_evasion discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdefense_evasiondiscoverypersistenceratrootkitstealer