discordrat | e3e6dda056e1e6da30a765b26a1a4aad2f77736403a475f549612c5836f950cc | Triage

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

250103-vjnt9atnf1
MD5

ca1f1d216f30fe7fc9096c8ec4b3df84
SHA1

64d1b2d48fddcff124356d18a6bbc26ffa4c8c66
SHA256

e3e6dda056e1e6da30a765b26a1a4aad2f77736403a475f549612c5836f950cc
SHA512

a086b0e2491b1a732e1ace9c175b7e2fd3db2cdc007519c32b719f0952fde771ecd4e081691abe74946539d74e36f72c167e5f7dbf67d38b4e8232b071dc7184
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+SPIC:5Zv5PDwbjNrmAE+eIC

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMyNDczMzg3Mzc1Nzc1MzM0NA.Gkn033.OQQv_AbqqPbf6kzNj7tP1oqqRytPV4DTChievM
server_id
1324733732040740955

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  ca1f1d216f30fe7fc9096c8ec4b3df84
- SHA1
  
  64d1b2d48fddcff124356d18a6bbc26ffa4c8c66
- SHA256
  
  e3e6dda056e1e6da30a765b26a1a4aad2f77736403a475f549612c5836f950cc
- SHA512
  
  a086b0e2491b1a732e1ace9c175b7e2fd3db2cdc007519c32b719f0952fde771ecd4e081691abe74946539d74e36f72c167e5f7dbf67d38b4e8232b071dc7184
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+SPIC:5Zv5PDwbjNrmAE+eIC
Score

10^/10

discordrat persistence rat rootkit stealer discovery
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratdiscoverypersistenceratrootkitstealer