discordrat | 02db83dd982ee8eadbb13701342096001fa816abfb807902c1fa5b4b9cd74fae | Triage

Sharing

General

Target

Loader_Eagle.exe
Size

108KB
Sample

250127-wn234szpdt
MD5

d9310bdfd6eb9699ec1f494400e996e6
SHA1

b65144e7a07a75d4354b2fda9df60145e63550d4
SHA256

02db83dd982ee8eadbb13701342096001fa816abfb807902c1fa5b4b9cd74fae
SHA512

6732a94617349af56eb044ddffbb284620e11aee29350df764996c0cfb24641aea6f663cb8db29a833dbf962667e6268d5315a89dc079d8d6a4c4bd7531c439c
SSDEEP

1536:g7WjO8XeEXFMZGO5uPwbjNrfxCXhRoKV6+V+XoKV6+1oKV6+WoKV6+ToKV6+DQwl:gMuZGOQwbjNrmAE+Yj0TBwl

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTE5NTg0ODc1MjI0NjgyNTA1Mg.Gj6VFU.xRdBucUILnznx2xwLkxgd1gyYsVG_qQFYNoaAI
server_id
1333477427032227951

Targets

- Target
  
  Loader_Eagle.exe
- Size
  
  108KB
- MD5
  
  d9310bdfd6eb9699ec1f494400e996e6
- SHA1
  
  b65144e7a07a75d4354b2fda9df60145e63550d4
- SHA256
  
  02db83dd982ee8eadbb13701342096001fa816abfb807902c1fa5b4b9cd74fae
- SHA512
  
  6732a94617349af56eb044ddffbb284620e11aee29350df764996c0cfb24641aea6f663cb8db29a833dbf962667e6268d5315a89dc079d8d6a4c4bd7531c439c
- SSDEEP
  
  1536:g7WjO8XeEXFMZGO5uPwbjNrfxCXhRoKV6+V+XoKV6+1oKV6+WoKV6+ToKV6+DQwl:gMuZGOQwbjNrmAE+Yj0TBwl
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer