FakeM

Description

(Trend Micro) We found a family of RATs that we call “FAKEM” that make their network traffic look like various protocols. Some variants attempt to disguise network traffic to look like Windows® Messenger and Yahoo!® Messenger traffic. Another variant tries to make the content of its traffic look like HTML. While the disguises the RATs use are simple and distinguishable from legitimate traffic, they may be just good enough to avoid further scrutiny.

Names

Name
FakeM
FakeM RAT
Terminator RAT

Type

Backdoor

Information

https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-fakem-rat.pdf
https://www.welivesecurity.com/wp-content/uploads/2014/01/Advanced-Persistent-Threats.pdf

Mitre Attack

https://attack.mitre.org/software/S0076/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.terminator_rat

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:FakeM

Other Information

Uuid

821cb159-baed-4d8b-9ac4-5740abcd6b2b

Last Card Change

2020-05-14

Threat Intelligence Garden

Explorer

FakeM

FakeM

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks