MysterySnail RAT

Description

(Kaspersky) Our deep dive into the MysterySnail RAT family started with an analysis of a previously unknown remote shell-type Trojan that was intended to be executed by an elevation of privilege exploit. The sample which we analyzed was also uploaded to VT on August 10, 2021. The sample is very big – 8.29MB. One of the reasons for the file size is that it’s statically compiled with the OpenSSL library and contains unused code and data belonging to that library. But the main reason for its size is the presence of two very large functions that do nothing but waste processor clock cycles. These functions also “use” randomly generated strings that are also present in a binary.

Names

  • MysterySnail RAT
  • MysterySnail

Category

Malware

Type

  • Backdoor
  • Info stealer
  • Exfiltration

Information

Malpedia

Other Information

Uuid

582092bf-4d53-40c0-bb80-c7c1508127b2

Last Card Change

2022-12-28