discordrat | 84c1920fda9d8f7f58fbd1ac51f14f799f65ccc8e93b37f88990951397f8919d | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

241213-j97t9ssqfx
MD5

a8ea74cdecbe64b0e4b66e151df3c3aa
SHA1

e2f7becdd85cce54dce289714eb936b8d78228a0
SHA256

84c1920fda9d8f7f58fbd1ac51f14f799f65ccc8e93b37f88990951397f8919d
SHA512

c3ec2f8f7b7c71a8f60f892619a4ffed6067e9c3a09ead5fdeca72fcc200213d1dbea2521ea36e7e795427a034e2f7de14354e340876b3c813397a867bf1ce99
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+CPIC:5Zv5PDwbjNrmAE+uIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2NDUzOTAzMTYyMjkwOTk3NA.Gd9ogA.Sv9mSWEUZhZL_a3eWlE_MbCHTD-gxAlYG_NcLo
server_id
1317038310975078460

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  a8ea74cdecbe64b0e4b66e151df3c3aa
- SHA1
  
  e2f7becdd85cce54dce289714eb936b8d78228a0
- SHA256
  
  84c1920fda9d8f7f58fbd1ac51f14f799f65ccc8e93b37f88990951397f8919d
- SHA512
  
  c3ec2f8f7b7c71a8f60f892619a4ffed6067e9c3a09ead5fdeca72fcc200213d1dbea2521ea36e7e795427a034e2f7de14354e340876b3c813397a867bf1ce99
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+CPIC:5Zv5PDwbjNrmAE+uIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer