Overview

overview

10

Static

static

1

New Text D...).html

windows11-21h2-x64

10

Resubmissions

17-02-2025 12:23

250217-pkn9hsyndt 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    New Text Document (2).html

  • Size

    193B

  • Sample

    250217-pkn9hsyndt

  • MD5

    9c1026427ed201a0180b01c369c71435

  • SHA1

    f917c53783d2a6ebc7e3c4ccb212b85a6a882048

  • SHA256

    afde9aaa873e0952ba317b2808a141f6f7d3f4f24ff19a9a0ee88230ef1707c4

  • SHA512

    d47bacdeb73f2161078a3c185b431a95978b0c008eb934a991f5e51f0babfebe780c133121751191fde8b50a9c980024f0027f0924f5991fa69de2eb10e6f4d1

Score
10/10
discordratdefense_evasiondiscoverypersistenceratrootkitstealer

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTMxMDkxODg1Mjk4ODc2NDE4MA.GzBXeG.IQdsANXf5vF4yFt_OatJlXeGmRVH0AzHFLzfHw

  • server_id

    1310919517383294990

Targets

    • Target

      New Text Document (2).html

    • Size

      193B

    • MD5

      9c1026427ed201a0180b01c369c71435

    • SHA1

      f917c53783d2a6ebc7e3c4ccb212b85a6a882048

    • SHA256

      afde9aaa873e0952ba317b2808a141f6f7d3f4f24ff19a9a0ee88230ef1707c4

    • SHA512

      d47bacdeb73f2161078a3c185b431a95978b0c008eb934a991f5e51f0babfebe780c133121751191fde8b50a9c980024f0027f0924f5991fa69de2eb10e6f4d1

    Score
    10/10
    discordratdefense_evasiondiscoverypersistenceratrootkitstealer

    • Discord RAT

      A RAT written in C# using Discord as a C2.

      stealerrootkitratpersistencediscordrat

    • Discordrat family

      discordrat

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks