discordrat | 6ef83e78b5817a59e60586178ad65d62c7ee276de0856efe46d779eb71ac284b | Triage

Sharing

General

Target

Rat File.exe
Size

78KB
Sample

250118-lrs99s1jan
MD5

afdd8db69d23edca3054975c3e0f6275
SHA1

81ae7362456cfcb06daba73b9afb5c722f2e601a
SHA256

6ef83e78b5817a59e60586178ad65d62c7ee276de0856efe46d779eb71ac284b
SHA512

54faf0b96a77f39b9378cc3bf35471496066c97cdeab14cf8149d052223d20174bb0edd2ee940e126895b314892b2799deebaba7ee30650ad1bf81baf1b76a1f
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+lPIC:5Zv5PDwbjNrmAE+1IC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMzMDAzNjgwMTI4MDI3ODU0MA.GRCyik.akyqABkEfx6z8SsPeU1HYq2SMx4vBoliOsmdiE
server_id
1330037194878095453

Targets

- Target
  
  Rat File.exe
- Size
  
  78KB
- MD5
  
  afdd8db69d23edca3054975c3e0f6275
- SHA1
  
  81ae7362456cfcb06daba73b9afb5c722f2e601a
- SHA256
  
  6ef83e78b5817a59e60586178ad65d62c7ee276de0856efe46d779eb71ac284b
- SHA512
  
  54faf0b96a77f39b9378cc3bf35471496066c97cdeab14cf8149d052223d20174bb0edd2ee940e126895b314892b2799deebaba7ee30650ad1bf81baf1b76a1f
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+lPIC:5Zv5PDwbjNrmAE+1IC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer