mirror of https://github.com/MISP/misp-galaxy
update rat
parent
aa34718b13
commit
0755e11c02
|
@ -225,7 +225,7 @@
|
|||
"https://www.fireeye.com/blog/threat-research/2013/10/know-your-enemy-tracking-a-rapidly-evolving-apt-actor.html"
|
||||
]
|
||||
},
|
||||
"description": "Bozok, like many other popular RATs, is freely available [2]. The author of the Bozok RAT goes by the moniker “Slayer616” and has created another RAT known as Schwarze Sonne, or “SS-RAT” for short. Both of these RATs are free and easy to find — various APT actors have used both in previous targeted attacks.",
|
||||
"description": "Bozok, like many other popular RATs, is freely available. The author of the Bozok RAT goes by the moniker “Slayer616” and has created another RAT known as Schwarze Sonne, or “SS-RAT” for short. Both of these RATs are free and easy to find — various APT actors have used both in previous targeted attacks.",
|
||||
"value": "Bozok"
|
||||
},
|
||||
{
|
||||
|
@ -266,7 +266,7 @@
|
|||
"http://darkratphp.blogspot.lu/"
|
||||
]
|
||||
},
|
||||
"description": "n March 2017, Fujitsu Cyber Threat Intelligence uncovered a newly developed remote access tool referred to by its developer as ‘Dark RAT’ – a tool used to steal sensitive information from victims. Offered as a Fully Undetectable build (FUD) the RAT has a tiered price model including 24/7 support and an Android version. Android malware has seen a significant rise in interest and in 2015 this resulted in the arrests of a number of suspects involved in the infamous DroidJack malware.",
|
||||
"description": "In March 2017, Fujitsu Cyber Threat Intelligence uncovered a newly developed remote access tool referred to by its developer as ‘Dark RAT’ – a tool used to steal sensitive information from victims. Offered as a Fully Undetectable build (FUD) the RAT has a tiered price model including 24/7 support and an Android version. Android malware has seen a significant rise in interest and in 2015 this resulted in the arrests of a number of suspects involved in the infamous DroidJack malware.",
|
||||
"value": "DarkRat"
|
||||
},
|
||||
{
|
||||
|
@ -275,7 +275,7 @@
|
|||
"https://sites.google.com/site/greymecompany/greame-rat-project"
|
||||
]
|
||||
},
|
||||
"value": "Graeme"
|
||||
"value": "Greame"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -407,9 +407,6 @@
|
|||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
""
|
||||
],
|
||||
"refs": [
|
||||
"https://www.fireeye.com/blog/threat-research/2014/02/xtremerat-nuisance-or-threat.html"
|
||||
]
|
||||
|
@ -443,6 +440,286 @@
|
|||
},
|
||||
"description": "Plasma RAT’s stub is fairly advanced, having many robust features. Some of the features include botkilling, Cryptocurrencies Mining (CPU and GPU), persistence, anti-analysis, torrent seeding, AV killer, 7 DDoS methods and a keylogger. The RAT is coded in VB.Net. There is also a Botnet version of it (Plasma HTTP), which is pretty similar to the RAT version.",
|
||||
"value": "Plasma RAT"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.rekings.com/babylon-rat/"
|
||||
]
|
||||
},
|
||||
"description": "Babylon is a highly advanced remote administration tool with no dependencies. The server is developed in C++ which is an ideal language for high performance and the client is developed in C#(.Net Framework 4.5)",
|
||||
"value": "Babylon"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://www.imminentmethods.info/"
|
||||
]
|
||||
},
|
||||
"description": "RAT",
|
||||
"value": "Imminent Monitor"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://droidjack.net/"
|
||||
]
|
||||
},
|
||||
"description": "DroidJack is a RAT (Remote Access Trojan/Remote Administration Tool) nature of remote accessing, monitoring and managing tool (Java based) for Android mobile OS. You can use it to perform a complete remote control to any Android devices infected with DroidJack through your PC. It comes with powerful function and user-friendly operation – even allows attackers to fully take over the mobile phone and steal, record the victim’s private data wilfully.",
|
||||
"value": "DroidJack"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://github.com/quasar/QuasarRAT"
|
||||
]
|
||||
},
|
||||
"description": "Quasar is a fast and light-weight remote administration tool coded in C#. Providing high stability and an easy-to-use user interface",
|
||||
"value": "Quasar RAT"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://github.com/qqshow/dendroid",
|
||||
"https://github.com/nyx0/Dendroid"
|
||||
]
|
||||
},
|
||||
"description": "Dendroid is malware that affects Android OS and targets the mobile platform. It was first discovered in early of 2014 by Symantec and appeared in the underground for sale for $300. Some things were noted in Dendroid, such as being able to hide from emulators at the time. When first discovered in 2014 it was one of the most sophisticated Android remote administration tools known at that time. It was one of the first Trojan applications to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it. It also seems to have follow in the footsteps of Zeus and SpyEye by having simple-to-use command and control panels. The code appeared to be leaked somewhere around 2014. It was noted that an apk binder was included in the leak, which provided a simple way to bind Dendroid to legitimate applications.",
|
||||
"value": "Dendroid"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://github.com/shotskeber/Ratty"
|
||||
]
|
||||
},
|
||||
"description": "A Java R.A.T. program",
|
||||
"value": "Ratty"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://level23hacktools.com/forum/showthread.php?t=27971",
|
||||
"https://leakforums.net/thread-405562?tid=405562&&pq=1"
|
||||
]
|
||||
},
|
||||
"description": "Java RAT",
|
||||
"value": "RaTRon"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://arabian-attacker.software.informer.com/"
|
||||
]
|
||||
},
|
||||
"value": "Arabian-Attacker RAT"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://latesthackingnews.com/2015/05/31/how-to-hack-android-phones-with-androrat/",
|
||||
"https://github.com/wszf/androrat"
|
||||
]
|
||||
},
|
||||
"description": "Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.",
|
||||
"value": "Androrat"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://adzok.com/"
|
||||
]
|
||||
},
|
||||
"description": "Remote Administrator",
|
||||
"value": "Adzok"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"synonyms": [
|
||||
"SS-RAT",
|
||||
"Schwarze Sonne"
|
||||
],
|
||||
"refs": [
|
||||
"https://github.com/mwsrc/Schwarze-Sonne-RAT"
|
||||
]
|
||||
},
|
||||
"value": "Schwarze-Sonne-RAT"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.indetectables.net/viewtopic.php?t=24245"
|
||||
]
|
||||
},
|
||||
"value": "Cyber Eye RAT"
|
||||
},
|
||||
{
|
||||
"value": "Batch NET"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://leakforums.net/thread-530663"
|
||||
]
|
||||
},
|
||||
"value": "RWX RAT"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://spynet-rat-officiel.blogspot.lu/"
|
||||
]
|
||||
},
|
||||
"description": "Spy-Net is a software that allow you to control any computer in world using Windows Operating System.He is back using new functions and good options to give you full control of your remote computer.Stable and fast, this software offer to you a good interface, creating a easy way to use all his functions",
|
||||
"value": "Spynet"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://leakforums.net/thread-559871"
|
||||
]
|
||||
},
|
||||
"value": "CTOS"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://github.com/mwsrc/Virus-RAT-v8.0-Beta"
|
||||
]
|
||||
},
|
||||
"value": "Virus RAT"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://www.atelierweb.com/products/"
|
||||
]
|
||||
},
|
||||
"value": "Atelier Web Remote Commander"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://github.com/chrismattmann/drat"
|
||||
]
|
||||
},
|
||||
"description": "A distributed, parallelized (Map Reduce) wrapper around Apache™ RAT to allow it to complete on large code repositories of multiple file types where Apache™ RAT hangs forev",
|
||||
"value": "drat"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.f-secure.com/v-descs/mosuck.shtml"
|
||||
]
|
||||
},
|
||||
"description": "MoSucker is a powerful backdoor - hacker's remote access tool.",
|
||||
"value": "MoSucker"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://www.grayhatforum.org/thread-4373-post-5213.html#pid5213",
|
||||
"http://www.spy-emergency.com/research/T/Theef_Download_Creator.html",
|
||||
"http://www.spy-emergency.com/research/T/Theef.html"
|
||||
]
|
||||
},
|
||||
"value": "Theef"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://prorat.software.informer.com/",
|
||||
"http://malware.wikia.com/wiki/ProRat"
|
||||
]
|
||||
},
|
||||
"description": "ProRat is a Microsoft Windows based backdoor trojan, more commonly known as a Remote Administration Tool. As with other trojan horses it uses a client and server. ProRat opens a port on the computer which allows the client to perform numerous operations on the server (the machine being controlled). ",
|
||||
"value": "ProRat"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://sites.google.com/site/greymecompany/setro-rat-project"
|
||||
]
|
||||
},
|
||||
"value": "Setro"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://www.connect-trojan.net/2015/03/indetectables-rat-v.0.5-beta.html"
|
||||
]
|
||||
},
|
||||
"value": "Indetectables RAT"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://luminosity.link/"
|
||||
]
|
||||
},
|
||||
"value": "Luminosity Link"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://orcustechnologies.com/"
|
||||
]
|
||||
},
|
||||
"value": "Orcus"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://www.connect-trojan.net/2014/10/blizzard-rat-lite-v1.3.1.html"
|
||||
]
|
||||
},
|
||||
"value": "Blizzard"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.rekings.com/kazybot-lite-php-rat/",
|
||||
"http://telussecuritylabs.com/threats/show/TSL20150122-06"
|
||||
]
|
||||
},
|
||||
"value": "Kazybot"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"http://www.connect-trojan.net/2015/01/bx-rat-v1.0.html"
|
||||
]
|
||||
},
|
||||
"value": "BX"
|
||||
},
|
||||
{
|
||||
"value": "death"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://rubear.me/threads/sky-wyder-2016-cracked.127/"
|
||||
]
|
||||
},
|
||||
"value": "Sky Wyder"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.rekings.com/darktrack-4-alien/",
|
||||
"http://news.softpedia.com/news/free-darktrack-rat-has-the-potential-of-being-the-best-rat-on-the-market-508179.shtml"
|
||||
]
|
||||
},
|
||||
"value": "DarkTrack"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://github.com/c4bbage/xRAT"
|
||||
]
|
||||
},
|
||||
"description": "Free, Open-Source Remote Administration Tool. xRAT 2.0 is a fast and light-weight Remote Administration Tool coded in C# (using .NET Framework 2.0).",
|
||||
"value": "xRAT"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue