National Cyber Warfare Foundation (NCWF) Forums


CRAT wants to plunder your endpoints


2020-11-12 14:15:18
milo
Malware
By Asheer Malhotra.

Cisco Talos has observed a new version of a remote access trojan (RAT) family known as CRAT. Apart from the prebuilt RAT capabilities, the malware can download and deploy additional malicious plugins on the infected endpoint. One of the plugins is a ransomware known as "Hansom." CRAT has been attributed to the Lazarus APT Group in the past. The RAT uses multiple obfuscation techniques to hide strings, API names, command and control (C2) URLs and instrumental functions,...



[[ This is only the beginning! Please visit the blog for the complete entry ]]



Source: CiscoTalos
Source Link: http://feedproxy.google.com/~r/feedburner/Talos/~3/2Jp1g3gU68o/crat-and-plugins.html





Copyright 2012 through 2021 - National Cyber Warfare Foundation - All rights reserved worldwide.