Resubmissions

12-12-2024 20:07

241212-ywg41sxqhr 10

12-12-2024 19:46

241212-yg65lavqe1 10

General

  • Target

    Client-built.exe

  • Size

    87KB

  • Sample

    241212-yg65lavqe1

  • MD5

    4032893250638d7caceeac4aceda0151

  • SHA1

    a0660b9561f6e2c2ebf85f8589a5225a167319e6

  • SHA256

    17a4492a3273db5b5fea77e13b7b17879e869e171e5c9ece9e25595e76a1da78

  • SHA512

    90d323bb653ecea74faaa14aaffd2dd97b6e55639aa90f5d6f207f7f59a1d081c2f69678c1a743859b61ea52ae5528df090246b9040959553a64869238f315b7

  • SSDEEP

    1536:jZDcWe+Vj5tyksII/Jnyt+Dy/UtKJtVHbwKPrh+NzxCxoKV6+UtX3z:jxcr/Jnh+Ut0HbwKPrh+zNtXj

Targets

    • Contains code to disable Windows Defender

      A .NET executable tasked with disabling Windows Defender capabilities such as real-time monitoring, block at first sight, etc.

    • Discord RAT

      A RAT written in C# using Discord as a C2.

    • Discordrat family
