ShimRAT

Description

(Fox-IT) ShimRat is a custom developed piece of malware known as a ‘RAT’, Remote Administration Tool. It has among others standard capabilities for filesystem interaction.The malware was originally built in 2012 and its features were expanded over the years. The artifacts left in the first samples, are a good indicator that the project has been started in 2012. Multiple pdB paths were seen in the early versions of ShimRat. These PDB paths are not visible in the latest versions of ShimRat, due to how the samples are prepared. The PDB paths are either stripped or filled with different paths.

Names

Name
ShimRAT
Shim RAT

Type

Backdoor
Info stealer
Exfiltration

Information

https://foxitsecurity.files.wordpress.com/2016/06/fox-it_mofang_threatreport_tlp-white.pdf

Mitre Attack

https://attack.mitre.org/software/S0444/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.shimrat

Other Information

Uuid

aac889bc-4215-404b-afa4-343364ff8cd4

Last Card Change

2022-12-30

Threat Intelligence Garden

Explorer

ShimRAT

ShimRAT

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks