SYMBOLCOMMON_NAMEaka. SYNONYMS
apk.capra_rat (Back to overview)

CapraRAT

Actor(s): Operation C-Major

According to PCrisk, CapraRAT is the name of an Android remote access trojan (RAT), possibly a modified version of another (open-source) RAT called AndroRAT. It is known that CapraRAT is used by an advanced persistent threat group (ATP) called APT36 (also known as Earth Karkaddan). CapraRAT allows attackers to perform certain actions on the infected Android device.

References
2023-09-18SentinelOneAlex Delamotte
CapraTube | Transparent Tribe’s CapraRAT Mimics YouTube to Hijack Android Phones
CapraRAT Operation C-Major
2023-03-07ESET ResearchLukáš Štefanko
Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials
CapraRAT
2022-01-24Trend MicroTrend Micro
Investigating APT36 or Earth Karkaddan’s Attack Chain and Malware Arsenal
CapraRAT Crimson RAT Oblique RAT Operation C-Major

There is no Yara-Signature yet.