discordrat | aa87ea626a27c8bd572ddaf2a60cf2f0bea97a2ba8b6621663b4a3ebfa389455 | Triage

Sharing

General

Target

Diavlo Cracked v3.0.sfx.exe
Size

975KB
Sample

250128-3szl4svkht
MD5

64f382968e015e0872cbc6d76f765978
SHA1

3f48e8245d05c5be882febddbb536cf27dc5de53
SHA256

aa87ea626a27c8bd572ddaf2a60cf2f0bea97a2ba8b6621663b4a3ebfa389455
SHA512

0a02603856ef94f251333a055f03bbdc340a57a88f9ba52bf6fb0101bdcc94aa97a6d8f0104fcd222cc22191a14895dc958af272d89d55b5f3b02563cdcf4fdb
SSDEEP

24576:xuDXTIGaPhEYzUzA0/0ecpUpOZhfBoTdIUUYBqLsoP46sJp:kDjlabwz9IAuJqdDUeM46ip

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMzMDQyNzc0NDMwMzA1ODk4NQ.GwBsnV.DbDqkIByVgiJFZEGnnCEqbRM9oTQOr0FL49leU
server_id
1331769473505689671

Targets

- Target
  
  Diavlo Cracked v3.0.sfx.exe
- Size
  
  975KB
- MD5
  
  64f382968e015e0872cbc6d76f765978
- SHA1
  
  3f48e8245d05c5be882febddbb536cf27dc5de53
- SHA256
  
  aa87ea626a27c8bd572ddaf2a60cf2f0bea97a2ba8b6621663b4a3ebfa389455
- SHA512
  
  0a02603856ef94f251333a055f03bbdc340a57a88f9ba52bf6fb0101bdcc94aa97a6d8f0104fcd222cc22191a14895dc958af272d89d55b5f3b02563cdcf4fdb
- SSDEEP
  
  24576:xuDXTIGaPhEYzUzA0/0ecpUpOZhfBoTdIUUYBqLsoP46sJp:kDjlabwz9IAuJqdDUeM46ip
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2