discordrat | 23bb32996f7d5e1f33ab05600c29642956edc6b262304035efab73f3b86feec9 | Triage

Sharing

General

Target

testpng.exe
Size

78KB
Sample

241213-x1lsbsxngz
MD5

98f6e65be9a95b6a0ccf9a5aacf89de5
SHA1

6d4e66094d5e332457d62ed2b9910bc229240d58
SHA256

23bb32996f7d5e1f33ab05600c29642956edc6b262304035efab73f3b86feec9
SHA512

7f05f2dff4a20415ffcc9cd3c0fb2b74499aca9ab59f73817a66e68bcf74b9915c908f4b076abbf6083d4cd29d88e3c2e2f0cf855068b66e112444ec7949284e
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+ayPIC:5Zv5PDwbjNrmAE+a+IC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMxNzE1MTMxMDMxMDY3NDQ1Mw.GmAoQR.n9xRqZURsT5g3LGTtKYNBSjio3XuQpmLH7RLO0
server_id
1317163923350487151

Targets

- Target
  
  testpng.exe
- Size
  
  78KB
- MD5
  
  98f6e65be9a95b6a0ccf9a5aacf89de5
- SHA1
  
  6d4e66094d5e332457d62ed2b9910bc229240d58
- SHA256
  
  23bb32996f7d5e1f33ab05600c29642956edc6b262304035efab73f3b86feec9
- SHA512
  
  7f05f2dff4a20415ffcc9cd3c0fb2b74499aca9ab59f73817a66e68bcf74b9915c908f4b076abbf6083d4cd29d88e3c2e2f0cf855068b66e112444ec7949284e
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+ayPIC:5Zv5PDwbjNrmAE+a+IC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer