General
-
Target
yes.png
-
Size
158KB
-
Sample
250102-ndlpdayrhs
-
MD5
2364ecb2d3966d365806878891a7cc00
-
SHA1
35c38f9e237a3b942c16f36c90292ade83ab496f
-
SHA256
aae7699b056e19bc9fd9ba3c5aa7571c2505cdd50108ae71b9d31fc690109c82
-
SHA512
2b8d46a63b1843cb44516a4632c1f689b25a1e55610762534e875753f98b367c814dc5981d88edb562c21f18d9f5dfa9432f8997ac380af02b79f0ea51357859
-
SSDEEP
3072:YOSE3N6QqCZNm3HXTu18hI/+g8MWqkPctocnlN7OEMm066SfTwFd6VFc2UTQ:lSENqwNOw8hVF9c2clN6EbUAg3rTQ
Malware Config
Extracted
discordrat
-
discord_token
MTMxNDIxMDIwMzQzMjEyODU2Mw.GhBlwt.hbO8GJn91vND_gEg4AT5Lp73JGjBNWLXYo0V6Q
-
server_id
1314209193804435509
Targets
-
-
Target
yes.png
-
Size
158KB
-
MD5
2364ecb2d3966d365806878891a7cc00
-
SHA1
35c38f9e237a3b942c16f36c90292ade83ab496f
-
SHA256
aae7699b056e19bc9fd9ba3c5aa7571c2505cdd50108ae71b9d31fc690109c82
-
SHA512
2b8d46a63b1843cb44516a4632c1f689b25a1e55610762534e875753f98b367c814dc5981d88edb562c21f18d9f5dfa9432f8997ac380af02b79f0ea51357859
-
SSDEEP
3072:YOSE3N6QqCZNm3HXTu18hI/+g8MWqkPctocnlN7OEMm066SfTwFd6VFc2UTQ:lSENqwNOw8hVF9c2clN6EbUAg3rTQ
Score10/10-
Discord RAT
A RAT written in C# using Discord as a C2.
-
Discordrat family
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-