discordrat | 73c42981537f9d240a6ba70c63223856a3c5617b79a75807cd1b35c8a494e8c7 | Triage

Submit
Reports

Overview

overview

Static

static

3

Frieren‮gpj.exe

windows11-21h2-x64

Resubmissions

16/04/2025, 19:00

250416-xn3kbat1b1 10

16/04/2025, 02:56

250416-dfenqssnx7 10

Sharing

General

Target

Frieren‮gpj.exe
Size

521KB
Sample

250416-xn3kbat1b1
MD5

c7a711e7ac56d59c2b1db7df5ce34603
SHA1

c53a78ba223f21c8e045d9217f098bfb03ee8a18
SHA256

73c42981537f9d240a6ba70c63223856a3c5617b79a75807cd1b35c8a494e8c7
SHA512

606a90e1f8a6af3f53148043d02d765158d39c11d84ea3ce304ebbd63ed497459e9419ecf73486e5d5f9facf0dab6947fe721d75103f8c9d8b8c8e490f966941
SSDEEP

12288:ZyveQB/fTHIGaPkKEYzURNAwbAg8XIAVVsaMtJJw6:ZuDXTIGaPhEYzUzA0qpdMfJw6

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Frieren‮gpj.exe

Resource

win11-20250410-en

discordrat discovery persistence rat rootkit stealer

windows11-21h2-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTM2MTg0MjQwNDY2Mjk2ODQ0Mg.GYjtQQ.2ei7p7gWKcrhkl_MZUCJph57lWBVv-ENjjnMjU
server_id
1361842784121782312

Targets

- Target
  
  Frieren‮gpj.exe
- Size
  
  521KB
- MD5
  
  c7a711e7ac56d59c2b1db7df5ce34603
- SHA1
  
  c53a78ba223f21c8e045d9217f098bfb03ee8a18
- SHA256
  
  73c42981537f9d240a6ba70c63223856a3c5617b79a75807cd1b35c8a494e8c7
- SHA512
  
  606a90e1f8a6af3f53148043d02d765158d39c11d84ea3ce304ebbd63ed497459e9419ecf73486e5d5f9facf0dab6947fe721d75103f8c9d8b8c8e490f966941
- SSDEEP
  
  12288:ZyveQB/fTHIGaPkKEYzURNAwbAg8XIAVVsaMtJJw6:ZuDXTIGaPhEYzUzA0qpdMfJw6
Score

10^/10

discordrat discovery persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Discordrat family
  discordrat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discordratdiscoverypersistenceratrootkitstealer

© 2018-2025

Terms | Privacy