General

  • Target

    Client-built.exe

  • Size

    78KB

  • Sample

    250412-xttjlazmv4

  • MD5

    59a0375a686303ecbcd2c954a4ed463a

  • SHA1

    9aa598dd766664fad17cc7314781b2fd51d9b6e5

  • SHA256

    44b43816c2a2e8c8d7d25f89a89cf4a4d58edc256c9259c4abd10c714581171f

  • SHA512

    c8c2930d096b8d1db626edcf5826236e98c0b86e548682940948789a394e20c906ba90ba7957a4dee03bac10b171df3208864b18d1e26944b26c98fd9dd22687

  • SSDEEP

    1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+hPIC:5Zv5PDwbjNrmAE+xIC

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTM1ODQ4Njg2NDg5NzYzODQ1MQ.GUbuHC.IO97xYxK3Oc5MyDbEWeaZtVghGPnaKrlJTzPtU

  • server_id

    1360692353114964131

Targets

    • Target

      Client-built.exe

    • Discord RAT

      A RAT written in C# using Discord as a C2.

    • Discordrat family

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry
