PyVil RAT

Description

(Cybereason) PyVil RAT possesses different functionalities, and enables the attackers to exfiltrate data, perform keylogging, take screenshots, and deploy more tools such as LaZagne in order to steal credentials.

The PyVil RAT has several functionalities including:

  • Keylogger
  • Running cmd commands
  • Taking screenshots
  • Downloading more Python scripts for additional functionality
  • Dropping and uploading executables
  • Opening an SSH shell
  • Collecting information such as:
      o Anti-virus products installed
      o USB devices connected
      o Chrome version

Names

Name
PyVil RAT
PyVil

Category

Malware

Type

  • Reconnaissance
  • Backdoor
  • Info stealer
  • Credential stealer
  • Keylogger
  • Downloader
  • Exfiltration

Information

Malpedia

Alienvault Otx

Other Information

Uuid

d1f93996-93c1-43a8-9893-2d2735fa1023

Last Card Change

2022-12-28