discordrat | d621cd3aa3adc02c26daf4ffe4da673c4cad67a9d02cb6a0e43c278f8c290b07 | Triage

Resubmissions

13-12-2024 16:17

241213-trgkgatngv 10

13-12-2024 15:57

241213-td5p5svpal 10

Sharing

General

Target

chrome‮gpj.exe
Size

372KB
Sample

241213-td5p5svpal
MD5

8cadd36be12b3cd44d9c50fc3008e394
SHA1

8fa3308090c3aee5f61da184655aea845b8761fe
SHA256

d621cd3aa3adc02c26daf4ffe4da673c4cad67a9d02cb6a0e43c278f8c290b07
SHA512

e07ad462c95c9bd59aaade09c9c1fb324026c4291bf57bbd657715dc3377d6ce2bf55ab52e7c334f7a42693774c24db2c46d3a5599c6dfa81c464a7149abff72
SSDEEP

3072:5n2Af+SLiJO+Y7mR9USl6yOiGB3PSQQivLXdn+mvo+vuChrZtwkYZBwOepe4PUe6:UE+yclwQKjdn+WPtYVJIoBfYgCiVII

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMxNzE1MTMxMDMxMDY3NDQ1Mw.GKLp3H.CULEGtm2KgLqJoKC0S7wJsZGE2slaPIFOXFieM
server_id
1189257292844122132

Targets

- Target
  
  chrome‮gpj.exe
- Size
  
  372KB
- MD5
  
  8cadd36be12b3cd44d9c50fc3008e394
- SHA1
  
  8fa3308090c3aee5f61da184655aea845b8761fe
- SHA256
  
  d621cd3aa3adc02c26daf4ffe4da673c4cad67a9d02cb6a0e43c278f8c290b07
- SHA512
  
  e07ad462c95c9bd59aaade09c9c1fb324026c4291bf57bbd657715dc3377d6ce2bf55ab52e7c334f7a42693774c24db2c46d3a5599c6dfa81c464a7149abff72
- SSDEEP
  
  3072:5n2Af+SLiJO+Y7mR9USl6yOiGB3PSQQivLXdn+mvo+vuChrZtwkYZBwOepe4PUe6:UE+yclwQKjdn+WPtYVJIoBfYgCiVII
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer