discordrat | f48cfcefdae5347a3b28636990ea7bf4a3913b25ead970549b2aed25ca126a2a | Triage

Submit
Reports

Overview

overview

Static

static

Client-built.exe

windows7-x64

Client-built.exe

windows10-2004-x64

Sharing

General

Target

Client-built.exe
Size

78KB
Sample

240704-rme5qszelh
MD5

a87de6c537a47d45a33d6cd7fe63c7d8
SHA1

7e6c0eeb273ff05cd0ceecf54a5eebf74eab3dfb
SHA256

f48cfcefdae5347a3b28636990ea7bf4a3913b25ead970549b2aed25ca126a2a
SHA512

594a952866609f288ce6f21359ca1a8e4e2452479b1ddca7b13de404816eaaf5f2bb4239889f3c4cc50a109cf862e92ad2e0e4a0f8425d98c8a7d0905b20df08
SSDEEP

1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+yPIC:5Zv5PDwbjNrmAE++IC

Score

10^/10

discordrat persistence rat rootkit stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Client-built.exe

Resource

win7-20240508-en

discordrat persistence rat rootkit stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Client-built.exe

Resource

win10v2004-20240611-en

discordrat persistence rat rootkit stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI1ODE0MjA5Mzg3NjkyMDM5MA.G8HI0H.--xk7lvmzg6lSm3Q38_QLfEurjVUDvUKfDsSp4
server_id
1258141390668435557

Targets

- Target
  
  Client-built.exe
- Size
  
  78KB
- MD5
  
  a87de6c537a47d45a33d6cd7fe63c7d8
- SHA1
  
  7e6c0eeb273ff05cd0ceecf54a5eebf74eab3dfb
- SHA256
  
  f48cfcefdae5347a3b28636990ea7bf4a3913b25ead970549b2aed25ca126a2a
- SHA512
  
  594a952866609f288ce6f21359ca1a8e4e2452479b1ddca7b13de404816eaaf5f2bb4239889f3c4cc50a109cf862e92ad2e0e4a0f8425d98c8a7d0905b20df08
- SSDEEP
  
  1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+yPIC:5Zv5PDwbjNrmAE++IC
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer

behavioral2

discordratpersistenceratrootkitstealer

© 2018-2024

Terms | Privacy