discordrat | 17a4492a3273db5b5fea77e13b7b17879e869e171e5c9ece9e25595e76a1da78 | Triage

Submit
Reports

Overview

overview

Static

static

Client-built.exe

windows11-21h2-x64

Sharing

General

Target

Client-built.exe
Size

87KB
Sample

241212-yt78esxqem
MD5

4032893250638d7caceeac4aceda0151
SHA1

a0660b9561f6e2c2ebf85f8589a5225a167319e6
SHA256

17a4492a3273db5b5fea77e13b7b17879e869e171e5c9ece9e25595e76a1da78
SHA512

90d323bb653ecea74faaa14aaffd2dd97b6e55639aa90f5d6f207f7f59a1d081c2f69678c1a743859b61ea52ae5528df090246b9040959553a64869238f315b7
SSDEEP

1536:jZDcWe+Vj5tyksII/Jnyt+Dy/UtKJtVHbwKPrh+NzxCxoKV6+UtX3z:jxcr/Jnh+Ut0HbwKPrh+zNtXj

Score

10^/10

discordrat persistence rat rootkit stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Client-built.exe

Resource

win11-20241007-en

discordrat persistence rat rootkit stealer

windows11-21h2-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  Client-built.exe
- Size
  
  87KB
- MD5
  
  4032893250638d7caceeac4aceda0151
- SHA1
  
  a0660b9561f6e2c2ebf85f8589a5225a167319e6
- SHA256
  
  17a4492a3273db5b5fea77e13b7b17879e869e171e5c9ece9e25595e76a1da78
- SHA512
  
  90d323bb653ecea74faaa14aaffd2dd97b6e55639aa90f5d6f207f7f59a1d081c2f69678c1a743859b61ea52ae5528df090246b9040959553a64869238f315b7
- SSDEEP
  
  1536:jZDcWe+Vj5tyksII/Jnyt+Dy/UtKJtVHbwKPrh+NzxCxoKV6+UtX3z:jxcr/Jnh+Ut0HbwKPrh+zNtXj
Score

10^/10

discordrat persistence rat rootkit stealer
- Contains code to disable Windows Defender
  A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

© 2018-2024

Terms | Privacy