General
-
Target
https://mega.nz/file/bzACwQpY#fEW7LQ-AwrH4BDlJuU3zXK1c_3_jwRmcsdfCz7u8Eio
-
Sample
250124-dgltfaxneq
Score
10/10
Malware Config
Extracted
Family
discordrat
Attributes
-
discord_token
MTMzMjE1MjQ1NzQzMzg0MTY4Ng.GegUda.sEXJI18X6s8vr3thxl2kB0kdlOYRbpk7RIjEqs
-
server_id
1332152349216735336
Targets
-
-
Target
https://mega.nz/file/bzACwQpY#fEW7LQ-AwrH4BDlJuU3zXK1c_3_jwRmcsdfCz7u8Eio
Score10/10-
Discord RAT
A RAT written in C# using Discord as a C2.
-
Discordrat family
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
1Resource Forking
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1