discordrat | b325e52505d072c1fdd0ae9dd321f1b25ad0e8178fb1d6f319e74a60caba3b33 | Triage

Sharing

General

Target

Moon cheats v12.43.zip
Size

92KB
Sample

241220-eqz8vszmgj
MD5

efff4ce14382705be87dec00512e60d6
SHA1

fd800643d0de91909bf6016fd0435ac34e0e4429
SHA256

b325e52505d072c1fdd0ae9dd321f1b25ad0e8178fb1d6f319e74a60caba3b33
SHA512

0754050411123dcd2fdc42fc348abeb184c2fe5fae1bf8834c04ef4c75d5471953a4865f096917865fc27f04c36ff2aee87964f302d2be88acd2d34656bff7f7
SSDEEP

1536:c8WTQv7+zn+D6tJbAhLc0EAfIa0ni9Q9hUuE4uHtszOozfXH6C8:vWMYhtJUhLcVHni9XuNOoLXHm

Score

10^/10

discordrat execution persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMxMTU0ODcwMzk2NTg0MzUxNg.Ggsut3.3K-qLNVEQ_ywB-cEYGUfluyiKgEzaSDxbZqGd8
server_id
1311541606738038905

Targets

- Target
  
  Moon cheats v12.43/Moon cheats/Moon cheats.exe
- Size
  
  78KB
- MD5
  
  4647136e230a739df53a9ee42b5356f4
- SHA1
  
  2bac96e90e616048142376bb76f0cbc40ce065b9
- SHA256
  
  2169e8be10db2c2d7ab609fa588b1b1beae2a48aa267f3744b7ac630d167b364
- SHA512
  
  07e7cf9b7d31179e219ac7ef8505ce1c41496a9c636bb6f5a85102a02862cfec020577f1d0535b26fe3fe4bfae3282f451901c85e2c87efc4809ef6804d88be1
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+rPIC:5Zv5PDwbjNrmAE+DIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  Moon cheats v12.43/mod.cs
- Size
  
  19KB
- MD5
  
  27eb65b648e68c4e17cb9f0b3ef22728
- SHA1
  
  22e30dedbc41b819ec800aee53cce67b475c3a97
- SHA256
  
  eca27affe4adb5ee9cd8107e8db7d9afb7de91c6c5394505d7869369a7cd935b
- SHA512
  
  417f532c05c989f47dbf7dad6ed05b9d9c8fec042c515af5ffa1b2d5c552ad09b4438a0cd15ba17de04c51a9d8aa21b08624a200de736fc8f14b5eae8e7b35ef
- SSDEEP
  
  384:HK/ZLQQrniFi6HBAUGoOXDWfnLrPH6Uze1J9W73pQmu4VmP:8ZLQmniFi+GoOXDWfnLL6Uze1J9y3pQZ
Score

3^/10

execution
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer

behavioral3

behavioral4