discordrat | b2a330ba54b23e7648b9daf38a12deb222f75b6e075f6c0f905f3bf3985db9cd | Triage

Sharing

General

Target

texturepackinstaller.exe
Size

78KB
Sample

250128-dlhmksvrhm
MD5

90536ee12dd9508f6997fd0054b4db94
SHA1

d401c203834e0e01645e656c50b0c8192f65cabb
SHA256

b2a330ba54b23e7648b9daf38a12deb222f75b6e075f6c0f905f3bf3985db9cd
SHA512

6a96d7ee8fb01320c1ddfa278a1ecd39e9e2abfc3fb64bcc52d5821af0812f30adb9c24ed9ffcb89a2e5e538b100bcaf433e675e7a07f5105b5efde712b3845a
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+GPIC:5Zv5PDwbjNrmAE+iIC

Score

10^/10

discordrat persistence rat rootkit spyware stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMzMzYzMjY5NDM1NzMyNzk0NA.G5m6_o.pA1GjWJW_fUYIHL3QoJb96zRfxPcqcZ7PaNoy8
server_id
1333632570507788341

Targets

- Target
  
  texturepackinstaller.exe
- Size
  
  78KB
- MD5
  
  90536ee12dd9508f6997fd0054b4db94
- SHA1
  
  d401c203834e0e01645e656c50b0c8192f65cabb
- SHA256
  
  b2a330ba54b23e7648b9daf38a12deb222f75b6e075f6c0f905f3bf3985db9cd
- SHA512
  
  6a96d7ee8fb01320c1ddfa278a1ecd39e9e2abfc3fb64bcc52d5821af0812f30adb9c24ed9ffcb89a2e5e538b100bcaf433e675e7a07f5105b5efde712b3845a
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+GPIC:5Zv5PDwbjNrmAE+iIC
Score

10^/10

discordrat persistence rat rootkit spyware stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitspywarestealer