Overview

overview

10

Static

static

3

test‮gpj.exe

windows10-2004-x64

10

test‮gpj.exe

windows11-21h2-x64

10

Resubmissions

16/04/2025, 20:01

250416-yrywzaypy4 10

16/04/2025, 20:01

250416-yrpcjaypy2 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    test‮gpj.exe

  • Size

    572KB

  • Sample

    250416-yrywzaypy4

  • MD5

    baf30664b2f4618deb0e8e5c0c986190

  • SHA1

    80d757c065719e229966c1225243f576de1d9ee1

  • SHA256

    24070b4b76db100f847fe76970006c2fb0572f946c04366e1c244779cec31d36

  • SHA512

    5d9822709938dd8dea874a5b87ff88c9f02f0e66ace5d040d16db10b3f3cae302f1257fab03ae76eb8322566fd71ea970fc797d8b7c8b22ce2235ceac76bc123

  • SSDEEP

    12288:ZyveQB/fTHIGaPkKEYzURNAwbAg8XIAVVsaC/9azx9DC2OJGsc:ZuDXTIGaPhEYzUzA0qpdCc1sG/

Score
10/10
discordratpersistenceratrootkitstealer

Malware Config

Extracted

Family

discordrat

Attributes
  • discord_token

    MTM2MTg0MjQwNDY2Mjk2ODQ0Mg.GaRszQ.X7Cxp-q-RiN1Ze3ekFYZabcIERKoyq-IHUPvZQ

  • server_id

    1361842784121782312

Targets

    • Target

      test‮gpj.exe

    • Size

      572KB

    • MD5

      baf30664b2f4618deb0e8e5c0c986190

    • SHA1

      80d757c065719e229966c1225243f576de1d9ee1

    • SHA256

      24070b4b76db100f847fe76970006c2fb0572f946c04366e1c244779cec31d36

    • SHA512

      5d9822709938dd8dea874a5b87ff88c9f02f0e66ace5d040d16db10b3f3cae302f1257fab03ae76eb8322566fd71ea970fc797d8b7c8b22ce2235ceac76bc123

    • SSDEEP

      12288:ZyveQB/fTHIGaPkKEYzURNAwbAg8XIAVVsaC/9azx9DC2OJGsc:ZuDXTIGaPhEYzUzA0qpdCc1sG/

    Score
    10/10
    discordratpersistenceratrootkitstealer

    • Discord RAT

      A RAT written in C# using Discord as a C2.

      stealerrootkitratpersistencediscordrat

    • Discordrat family

      discordrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v16

Tasks