discordrat | 0be4ad905bf9e81e806fc772590ae8efa8951979d85d3495e39b0aa97c5c99d0 | Triage

Sharing

General

Target

Perm spoofer.rar
Size

26KB
Sample

250222-rldkhsylcv
MD5

9af55f1c835cadfe7836422700f53ece
SHA1

ad1b02992a2b0b244767e1f2943096276af1af15
SHA256

0be4ad905bf9e81e806fc772590ae8efa8951979d85d3495e39b0aa97c5c99d0
SHA512

ddb6792aa311cb235fff08cd3335e260ff69da2b5fd64f69b77396bd921e63965c331e9ca11e85e8253478d13dbc0e20cb8d7f4a7682314b6e881d1da502375d
SSDEEP

768:aODlxXhKhOx1z/BorP+MVvEQyYffb3CQQjUnA:FDlv2OPBo/R7x7BgUnA

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMzNDYyNTQ5ODUxMjQ5NDYzNA.G0EGQj.I75TlNTsSnE4gYOgbUK9YInJj34V1hRalj4piM
server_id
1185260625232937030

Targets

- Target
  
  Crack perm spoofer.exe
- Size
  
  78KB
- MD5
  
  63ec2a8c348d255586762d693ddf98db
- SHA1
  
  b04dda431d28d76e205b528f74d10ffa69f3a960
- SHA256
  
  013fa3b832efcc8647331576e6f512b4101eb087d6155bbfc976d680e668a667
- SHA512
  
  e1f5f717770212241243f5cc166f7b89f6f89c0cdf2f442b56b8b5738e820a79a513fb9733a78451908c717961273acebc314a99f198cded5b425e878b4fbc88
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+OPIC:5Zv5PDwbjNrmAE+qIC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer