discordrat | cdb078b82903d83163bf975613a8006226d21a03a2d1b8eea4b9285ce67544aa | Triage

Submit
Reports

Overview

overview

Static

static

1

OjJUHZqY.html

windows10-2004-x64

Sharing

General

Target

OjJUHZqY
Size

2KB
Sample

250120-wx25gasmcv
MD5

f1bf7634d402c200749c2e7cf9ea5a8f
SHA1

56b6dff171bdda0849090254c5fc93309fd95d4e
SHA256

cdb078b82903d83163bf975613a8006226d21a03a2d1b8eea4b9285ce67544aa
SHA512

28a8964ea22982a83e7af00d147bca665e441b3a595e3126517dd8c04d3716b94e0d429451c938e346955026d41132a1e626e721fb2b4b6c2147f03444f826b9

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Static task

static1

Behavioral task

behavioral1

Sample

OjJUHZqY.html

Resource

win10v2004-20241007-en

discordrat discovery persistence rat rootkit stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMzMDU3MDM3MDMzNTY0MTY0MA.Gac_DS.HeVHzigazhAbTSurvP_yMNkYqokjSmMw_upwMA
server_id
1330570620114698341

Targets

- Target
  
  OjJUHZqY
- Size
  
  2KB
- MD5
  
  f1bf7634d402c200749c2e7cf9ea5a8f
- SHA1
  
  56b6dff171bdda0849090254c5fc93309fd95d4e
- SHA256
  
  cdb078b82903d83163bf975613a8006226d21a03a2d1b8eea4b9285ce67544aa
- SHA512
  
  28a8964ea22982a83e7af00d147bca665e441b3a595e3126517dd8c04d3716b94e0d429451c938e346955026d41132a1e626e721fb2b4b6c2147f03444f826b9
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer

© 2018-2025

Terms | Privacy