discordrat | hxxps://www[.]mediafire[.]com/file/lzqh7a51dbxgq1d/rat[.]rar/file | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://www.mediafir...

windows10-ltsc 2021-x64

Sharing

General

Target

https://www.mediafire.com/file/lzqh7a51dbxgq1d/rat.rar/file
Sample

241216-cfm5faxrgs

Score

10^/10

discordrat defense_evasion discovery persistence privilege_escalation rat rootkit spyware stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://www.mediafire.com/file/lzqh7a51dbxgq1d/rat.rar/file

Resource

win10ltsc2021-20241211-en

discordrat defense_evasion discovery persistence privilege_escalation rat rootkit spyware stealer

windows10-ltsc 2021-x64

19 signatures

300 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMxODAxMTg5MDMxMTYyNjg2Mw.GL2Ywp.IrZ_8fak_Vey9qZYWp8-oA_9ozARIvdVVsg8cA
server_id
1318011471380353114

Targets

- Target
  
  https://www.mediafire.com/file/lzqh7a51dbxgq1d/rat.rar/file
Score

10^/10

discordrat defense_evasion discovery persistence privilege_escalation rat rootkit spyware stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Downloads MZ/PE file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Abuse Elevation Control Mechanism: Bypass User Account Control
  UAC Bypass Attempt via SilentCleanup Task.
  defense_evasion privilege_escalation
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

discordratdefense_evasiondiscoverypersistenceprivilege_escalationratrootkitspywarestealer

© 2018-2025

Terms | Privacy