discordrat | 6b436dc3ef858aba1d333ff383e6f988eff27f135fd7a18c05ee8638d3d333c0 | Triage

Sharing

General

Target

6b436dc3ef858aba1d333ff383e6f988eff27f135fd7a18c05ee8638d3d333c0
Size

670KB
Sample

250413-z8h3hssnx6
MD5

7678662a2d17213e9702b32849b93f50
SHA1

0103985b35e19cd62391f78dad39a906cbc29fa6
SHA256

6b436dc3ef858aba1d333ff383e6f988eff27f135fd7a18c05ee8638d3d333c0
SHA512

7f3968449b87786228e5a9e3c593fe1a5a17aefb07a37c29cdc854e74c595f4435c753ad3e12b80e9f1f8e0a6db525c2d304ae3db67ee41034be1effd7acf8b2
SSDEEP

12288:lbQIi8rXTWcJHsp63L2tf6l3k6UDTaBCDWvrZE3Jj:lbQfQjWKM072B6l3k6iTaBCDWvri5j

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTM2MDk2NTQ2OTQzMTAwOTUxMA.GgBXT5.BBz5TSgCaJBkVoYheyBUpT5_ov8AioGtg7qzdc
server_id
1360965855982260224

Targets

- Target
  
  6b436dc3ef858aba1d333ff383e6f988eff27f135fd7a18c05ee8638d3d333c0
- Size
  
  670KB
- MD5
  
  7678662a2d17213e9702b32849b93f50
- SHA1
  
  0103985b35e19cd62391f78dad39a906cbc29fa6
- SHA256
  
  6b436dc3ef858aba1d333ff383e6f988eff27f135fd7a18c05ee8638d3d333c0
- SHA512
  
  7f3968449b87786228e5a9e3c593fe1a5a17aefb07a37c29cdc854e74c595f4435c753ad3e12b80e9f1f8e0a6db525c2d304ae3db67ee41034be1effd7acf8b2
- SSDEEP
  
  12288:lbQIi8rXTWcJHsp63L2tf6l3k6UDTaBCDWvrZE3Jj:lbQfQjWKM072B6l3k6iTaBCDWvri5j
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer