discordrat | 0415f51718785e94b0a46e07726ff0365edd39346b7dec102fcc18066c1e960f | Triage

Sharing

General

Target

Zedfilter.exe
Size

78KB
Sample

250211-c25xdavngj
MD5

d5d379d82e48b20012571e109afdcabc
SHA1

81814e7e9624c129ada04f564161e34bfca79ed0
SHA256

0415f51718785e94b0a46e07726ff0365edd39346b7dec102fcc18066c1e960f
SHA512

df3cf445bf4a60021ed10aea72d8ae65ab80504838604c454a28abebe97793139a724da3f38eb1d766592e1940de11c9906c8db258a7231d8287d201e762b7c3
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+bPIC:5Zv5PDwbjNrmAE+TIC

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMzODEzMzAzMTI4MTQ5NjA3NQ.G-IWXr.t4kQYshfGCbgomBNDLaukslw-0UVk9bttQIQAU
server_id
1012892095574454333

Targets

- Target
  
  Zedfilter.exe
- Size
  
  78KB
- MD5
  
  d5d379d82e48b20012571e109afdcabc
- SHA1
  
  81814e7e9624c129ada04f564161e34bfca79ed0
- SHA256
  
  0415f51718785e94b0a46e07726ff0365edd39346b7dec102fcc18066c1e960f
- SHA512
  
  df3cf445bf4a60021ed10aea72d8ae65ab80504838604c454a28abebe97793139a724da3f38eb1d766592e1940de11c9906c8db258a7231d8287d201e762b7c3
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+bPIC:5Zv5PDwbjNrmAE+TIC
Score

10^/10

discordrat persistence rat rootkit stealer discovery
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratdiscoverypersistenceratrootkitstealer