discordrat | c41c0a3aff41ec17de75cd8f31f268f5063693743eb4639c907042574b3724ca | Triage

Submit
Reports

Overview

overview

Static

static

3

1324648543..._1.exe

windows10-2004-x64

Sharing

General

Target

1324648543721361449-1324648543402725396-Imagen-loro_1
Size

709KB
Sample

250103-krnjcawmgz
MD5

9141efe15618fa406c09c030e5595f9e
SHA1

9cef69b36e557260b20298f48d11148cc9b83230
SHA256

c41c0a3aff41ec17de75cd8f31f268f5063693743eb4639c907042574b3724ca
SHA512

4a23ca9a5d35b289d9b3db7433ed9d7345ab4154e49f5bb8a0df995f28fa3ac75d25114c2ee0ba6352d80b779c9e0e50b2644e31f801a71ec8075fdb32e668ef
SSDEEP

12288:zyveQB/fTHIGaPkKEYzURNAwbAgXJEOcCqcko1q+tKMm1CMyo:zuDXTIGaPhEYzUzA0jyFo1e1gbo

Score

10^/10

discordrat persistence rat rootkit stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1324648543721361449-1324648543402725396-Imagen-loro_1.exe

Resource

win10v2004-20241007-en

discordrat persistence rat rootkit stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMyNDU1MTY2MzgxNzU5MjgzMg.Gsv4Af.87VMMw-6giEs1pl29CsssUr3cLvco6RhvCUymA
server_id
1324552691812405278

Targets

- Target
  
  1324648543721361449-1324648543402725396-Imagen-loro_1
- Size
  
  709KB
- MD5
  
  9141efe15618fa406c09c030e5595f9e
- SHA1
  
  9cef69b36e557260b20298f48d11148cc9b83230
- SHA256
  
  c41c0a3aff41ec17de75cd8f31f268f5063693743eb4639c907042574b3724ca
- SHA512
  
  4a23ca9a5d35b289d9b3db7433ed9d7345ab4154e49f5bb8a0df995f28fa3ac75d25114c2ee0ba6352d80b779c9e0e50b2644e31f801a71ec8075fdb32e668ef
- SSDEEP
  
  12288:zyveQB/fTHIGaPkKEYzURNAwbAgXJEOcCqcko1q+tKMm1CMyo:zuDXTIGaPhEYzUzA0jyFo1e1gbo
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

© 2018-2025

Terms | Privacy