GoogleDrive RAT

Description

(Nyotron) Some of the compromised servers contained an innovative Google Drive-based RAT under the name Service.exe. The attacker moved Service.exe to C:\Windows\system32 along with a large set of files. These files included DLLs related to the Google API used for communication and more.

Names

Name
GoogleDrive RAT

Type

Backdoor

Information

https://www.nyotron.com/collateral/Nyotron-OilRig-Malware-Report-March-2018C.pdf

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.google_drive_rat

Other Information

Uuid

789aa471-f872-4252-b492-c68d2d8bf8ff

Last Card Change

2020-04-23

Threat Intelligence Garden

Explorer

GoogleDrive RAT

GoogleDrive RAT

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks