discordrat | hxxps://webtinq[.]nl/getorbitalxploit/index[.]html | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://webtinq.nl/g...

windows11-21h2-x64

Sharing

General

Target

https://webtinq.nl/getorbitalxploit/index.html
Sample

250101-sbyy5syqa1

Score

10^/10

discordrat defense_evasion discovery persistence rat rootkit stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://webtinq.nl/getorbitalxploit/index.html

Resource

win11-20241007-en

discordrat defense_evasion discovery persistence rat rootkit stealer

windows11-21h2-x64

29 signatures

300 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMyMjkzMDUwMjc4MDQ1NzA0MA.G-Oknz.TO4nTCOESqqwzv5-Ob_qYyDtcT60GdqwykyyMQ
server_id
1322930371872165898

Targets

- Target
  
  https://webtinq.nl/getorbitalxploit/index.html
Score

10^/10

discordrat defense_evasion discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Indicator Removal: Clear Windows Event Logs
  Clear Windows Event Logs to hide the activity of an intrusion.
  defense_evasion
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Indicator Removal

Clear Windows Event Logs

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

discordratdefense_evasiondiscoverypersistenceratrootkitstealer

© 2018-2025

Terms | Privacy