discordrat | aaed10a5696b343399fca93ed61d29d702ee1f9c33c5e6ec71bd0944cb798cbb | Triage

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
25/03/2025, 13:26

Sharing

Report Analysis Logs

General

Target

Discord rat.exe
Size

78KB
MD5

6845ba5ef1a6a8e59cf1083e9bdb1cc9
SHA1

55466b389575b685770d4b50ed77ff6c506e445c
SHA256

aaed10a5696b343399fca93ed61d29d702ee1f9c33c5e6ec71bd0944cb798cbb
SHA512

3e5348cb15ab4526c7b76e8b388f2d985a4a4ed43aced224aba8d92f71ca1b9c592d9a5ec8c19d654496ffd31014843e4ce347ca3ec38b7ee6231ea4b7712440
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+1PIC:5Zv5PDwbjNrmAE+lIC

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMxNzc4NzM1NjY1MjI0NTAyNQ.GqmEhb.7ywPf8feEUCGQMaGvdeqkYP1e_csk5qOOqp1qI
server_id
1354016729151442974

Signatures

Discord RAT
A RAT written in C# using Discord as a C2.
stealer rootkit rat persistence discordrat
Discordrat family
discordrat

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 1264	2356	Discord rat.exe	30
PID 2356 wrote to memory of 1264	2356	Discord rat.exe	30
PID 2356 wrote to memory of 1264	2356	Discord rat.exe	30

C:\Users\Admin\AppData\Local\Temp\Discord rat.exe
"C:\Users\Admin\AppData\Local\Temp\Discord rat.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2356 -s 596
  2⤵
  PID:1264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2356-0-0x000007FEF5A23000-0x000007FEF5A24000-memory.dmp

Filesize
4KB

Download
memory/2356-1-0x000000013FB40000-0x000000013FB58000-memory.dmp

Filesize
96KB

Download
memory/2356-2-0x000007FEF5A20000-0x000007FEF640C000-memory.dmp

Filesize
9.9MB

Download
memory/2356-3-0x000007FEF5A20000-0x000007FEF640C000-memory.dmp

Filesize
9.9MB

Download