GoldenRAT

Description

(Qihoo 360) After analysing the backdoor script, as mentioned earlier, we found that this is a classic backdoor that has been circulating on the network for a long time. Features include getting system information and uploading, setting up scheduled tasks, downloading files, executing shell commands, deleting files, ending processes, traversing file drivers and processes, and more.

Names

Name
GoldenRAT

Category

Malware

Type

• Reconnaissance
• Backdoor
• Info stealer
• Exfiltration

Information

• https://blog.360totalsecurity.com/en/the-sample-analysis-of-apt-c-27s-recent-attack/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/apk.goldenrat

Other Information

Uuid

783107ec-299d-4a11-a852-9118dcc37eea

Last Card Change

2020-04-23