discordrat | a560ab6946cf1587d7fea27fad3c9fda07b8eaabe074aa7d50909992a6d1ec90 | Triage

Sharing

General

Target

Napse.exe
Size

78KB
Sample

250217-s3b9fs1mx7
MD5

80d7e91e70c9666a60e2cbd64cf469e5
SHA1

7125bd28afe3299de6affa70aecb86ec26f9fe3d
SHA256

a560ab6946cf1587d7fea27fad3c9fda07b8eaabe074aa7d50909992a6d1ec90
SHA512

737753cb5d42bc3d235c0c1b2b222ca9f1db3027404f44edc8eab7e66e6426ef80ed652be94b3820edead0e5038850d24d0c8fe747d522ea75f1dcb445aabb0d
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+bPIC:5Zv5PDwbjNrmAE+TIC

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTM0MDQ2NTE3NDQ5ODI0NjczOQ.G_2seY.10LCOmd7IrhljIkRf2M2lpfOrcmegvpKiDLI_8
server_id
1340466656878530610

Targets

- Target
  
  Napse.exe
- Size
  
  78KB
- MD5
  
  80d7e91e70c9666a60e2cbd64cf469e5
- SHA1
  
  7125bd28afe3299de6affa70aecb86ec26f9fe3d
- SHA256
  
  a560ab6946cf1587d7fea27fad3c9fda07b8eaabe074aa7d50909992a6d1ec90
- SHA512
  
  737753cb5d42bc3d235c0c1b2b222ca9f1db3027404f44edc8eab7e66e6426ef80ed652be94b3820edead0e5038850d24d0c8fe747d522ea75f1dcb445aabb0d
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+bPIC:5Zv5PDwbjNrmAE+TIC
Score

10^/10

discordrat persistence rat rootkit stealer discovery
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratdiscoverypersistenceratrootkitstealer