Discord is a VoIP and instant messaging social platform.
Create a new discord account. Login and click on the plus sign that says Add a Server on the left hand side. Create a new server, ensure that its public. In the general channel, click on the plus symbol on the message bar and click upload. Fire up Burpsuite and turn proxy intercept mode on, click on the attachment to intercept the request. Right click on the GET request in Burpsuite and click on copy link. Youll now have a direct link to the malware via discords CDN.
Usecase: Hosting malware with a limited budget
Follow the instructions per additional tooling provided in references. If you use DiscordGo, you'll have to compile your agent and configure your automation, in addition to making a server, setting up a bot, and configuring the tokens, permissions, and channels.
Usecase: Implant management via non-standard C2 platform
Attach ProcMon and start the Discord application. Filter for the values "ProcessName Contains Discord", "Result contains NOT FOUND" and "path ends with .dll" to check for viable abuse candidates. Generate a malicious DLL, and use a tool like Invoke-DLLClone to copy the export address table from your target dll, to your malicious one. Place the newly created DLL into the appropriate application folder, and start discord.
Usecase: Sideloading a Malicious DLL