General
-
Target
8154682cec02091222abfb10fcd7c36dc42ed49107c0f36802cc9b2ec4899cd1
-
Size
547KB
-
Sample
250123-jjjdzs1khk
-
MD5
db19928cd25a3efc74a81b435de36463
-
SHA1
c1940aa2a37592933721ca88024fd693e79e3ab0
-
SHA256
8154682cec02091222abfb10fcd7c36dc42ed49107c0f36802cc9b2ec4899cd1
-
SHA512
d1a519280d2005dec805dc3c843491e4648ad486e97e7435e1b6df2d7c1bef3aa79fca1a3cd3ea981335498cbc89fc685816977806b32d344fe80fb9e6cb972e
-
SSDEEP
12288:ayveQB/fTHIGaPkKEYzURNAwbAgsNQx8Y1G:auDXTIGaPhEYzUzA0S9YY
Static task
static1
Behavioral task
behavioral1
Sample
8154682cec02091222abfb10fcd7c36dc42ed49107c0f36802cc9b2ec4899cd1.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
8154682cec02091222abfb10fcd7c36dc42ed49107c0f36802cc9b2ec4899cd1.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
discordrat
-
discord_token
MTMzMTg2NTY1MzkwNDE0NjQ1NA.GgU0HP.6F9E1xySezJEUN9opvXP8i_Oa8TOSRSKASDFts
-
server_id
1331866378998775881
Targets
-
-
Target
8154682cec02091222abfb10fcd7c36dc42ed49107c0f36802cc9b2ec4899cd1
-
Score
10/10
-
Discordrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-