discordrat | 463a64d183f90599991de74c1b48330ad796fcd7aa733ac1a9be131eaa80618c | Triage

Submit
Reports

Overview

overview

Static

static

1

pepe.jpg

windows10-2004-x64

Resubmissions

02-01-2025 10:49

250102-mwm5gsylbw 10

02-01-2025 10:39

250102-mpzvps1lal 10

Sharing

General

Target

pepe.jpg
Size

9KB
Sample

250102-mwm5gsylbw
MD5

75494425adf92da992dc799a556f65ea
SHA1

03a82524d97f766d2cd7305e45566e560197a512
SHA256

463a64d183f90599991de74c1b48330ad796fcd7aa733ac1a9be131eaa80618c
SHA512

20ddaec720ba304b644a010bfb3676fe13f64d9e7099e333051e5db43e2563d983fab29565e5f7902b017217ff450f5ce9ad68f2fa155ec780bbdd2914a117f7
SSDEEP

192:PT5eLK+PqoNaK7HrML4vT4ZkGorW+1ewk108rCqbWOqQlW:PlCBbw2xrWkb8rCqKqW

Score

10^/10

discordrat discovery persistence phishing rat rootkit stealer

Static task

static1

Behavioral task

behavioral1

Sample

pepe.jpg

Resource

win10v2004-20241007-en

discordrat discovery persistence phishing rat rootkit stealer

windows10-2004-x64

25 signatures

300 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMyMzc2MTI5NjA3MTU5NDEyNg.G0ASX3.LfapSCo6skLNItfgDwfo6n_Irw9dpx2tIPS30I
server_id
1322790854867292273

Targets

- Target
  
  pepe.jpg
- Size
  
  9KB
- MD5
  
  75494425adf92da992dc799a556f65ea
- SHA1
  
  03a82524d97f766d2cd7305e45566e560197a512
- SHA256
  
  463a64d183f90599991de74c1b48330ad796fcd7aa733ac1a9be131eaa80618c
- SHA512
  
  20ddaec720ba304b644a010bfb3676fe13f64d9e7099e333051e5db43e2563d983fab29565e5f7902b017217ff450f5ce9ad68f2fa155ec780bbdd2914a117f7
- SSDEEP
  
  192:PT5eLK+PqoNaK7HrML4vT4ZkGorW+1ewk108rCqbWOqQlW:PlCBbw2xrWkb8rCqKqW
Score

10^/10

discordrat discovery persistence phishing rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Downloads MZ/PE file
- A potential corporate email address has been identified in the URL: currency-file@1
  phishing
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistencephishingratrootkitstealer

© 2018-2025

Terms | Privacy