discordrat | 9f60b978b4e60a70cbc1037acb55ff4f6d61765b30ac2e12cf9cf8b2c51f8347 | Triage

Submit
Reports

Overview

overview

Static

static

hi.exe

windows10-2004-x64

Sharing

General

Target

hi.exe
Size

78KB
Sample

250301-rq9hraszex
MD5

40ad387a93b7cd81f0f79be861ab93d9
SHA1

4102508d22f1aaa136f881a063ddce8e1e1fac51
SHA256

9f60b978b4e60a70cbc1037acb55ff4f6d61765b30ac2e12cf9cf8b2c51f8347
SHA512

23b1d218b42f973e4adc1b7d9c26df80da86ad38ed0c64d2dd9a5d89c854a947abd506eeeb89778fcd97d4b3f503996fc0f4d06d3def33717ac586d3fbfcfb91
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+kPIC:5Zv5PDwbjNrmAE+4IC

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

hi.exe

Resource

win10v2004-20250217-en

discordrat discovery persistence rat rootkit stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTM0NTM5MzQ2MDI1MzAzNjY0NQ.GrXV21.mbLL4SHVtIfeuQK4zD7pSOfnc8VzTKgzYjGA-Y
server_id
1345255073441251349

Targets

- Target
  
  hi.exe
- Size
  
  78KB
- MD5
  
  40ad387a93b7cd81f0f79be861ab93d9
- SHA1
  
  4102508d22f1aaa136f881a063ddce8e1e1fac51
- SHA256
  
  9f60b978b4e60a70cbc1037acb55ff4f6d61765b30ac2e12cf9cf8b2c51f8347
- SHA512
  
  23b1d218b42f973e4adc1b7d9c26df80da86ad38ed0c64d2dd9a5d89c854a947abd506eeeb89778fcd97d4b3f503996fc0f4d06d3def33717ac586d3fbfcfb91
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+kPIC:5Zv5PDwbjNrmAE+4IC
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer

© 2018-2025

Terms | Privacy