Sorillus RAT Propose Change

Sorillus is a Java-based multifunctional remote access trojan (RAT) which targets Linux, macOS and Windows operating systems. While it was first created in 2019, interest in the tool has increased considerably in 2022. Beginning on January 18, 2022, different obfuscated client versions of the tool started to be uploaded to VirusTotal. Sorillus' features are described in detail on its website (hxxps://sorillus[.]com). The tool supposedly costs 49.99€ for lifetime access but is currently available at a discounted 19.99€. Conveniently, the Sorillus can be purchased via a variety of cryptocurrencies. The tool's creator and distributor, a YouTube user known as "Tapt", asserts that the tool is able to collect the following information from its target:
- HardwareID
- Username
- Country
- Language
- Webcam
- Headless
- Operating system
- Client Version

References

There is no Yara-Signature yet.