discordrat | daa9a722b82d251a4db096f7ec24308b21f8e1e357233d67268ed09b6d9ca6ab | Triage

Sharing

General

Target

Bootstrapper.exe
Size

78KB
Sample

250104-qq1p6stmfj
MD5

002260e88f41f37e23cd07a7c17fb4c7
SHA1

eeaa37f667f876970941009cbc02cfe350b0ff49
SHA256

daa9a722b82d251a4db096f7ec24308b21f8e1e357233d67268ed09b6d9ca6ab
SHA512

f964f68913c611e63903dedf213c1f983948f5eb548faaa3549c8353db116bc5952c23a56b39cd718746d7f6a8b59792e16cd9cc68fc767f8a961ba76e7f6718
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+4PIC:5Zv5PDwbjNrmAE+cIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMyNTA4NjM1OTY5MzU1Nzg2MA.Gy12zF.Ez60W13rQoYrcb7hHtY3BMQfSniXY4txdPYX7I
server_id
1325061927801458719

Targets

- Target
  
  Bootstrapper.exe
- Size
  
  78KB
- MD5
  
  002260e88f41f37e23cd07a7c17fb4c7
- SHA1
  
  eeaa37f667f876970941009cbc02cfe350b0ff49
- SHA256
  
  daa9a722b82d251a4db096f7ec24308b21f8e1e357233d67268ed09b6d9ca6ab
- SHA512
  
  f964f68913c611e63903dedf213c1f983948f5eb548faaa3549c8353db116bc5952c23a56b39cd718746d7f6a8b59792e16cd9cc68fc767f8a961ba76e7f6718
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+4PIC:5Zv5PDwbjNrmAE+cIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer