SYMBOLCOMMON_NAMEaka. SYNONYMS
py.lokirat (Back to overview)

Loki RAT

Actor(s): El Machete

This RAT written in Python is an open-source fork of the Ares RAT. This malware integrates additional modules, like recording, lockscreen, and locate options. It was used in a customized form version by El Machete APT in an ongoing champaign since 2020. The original code can be found at: https://github.com/TheGeekHT/Loki.Rat/

References
2022-03-31Check Point Research
@online{research:20220331:statesponsored:d8ce198, author = {Check Point Research}, title = {{State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage}}, date = {2022-03-31}, url = {https://research.checkpoint.com/2022/state-sponsored-attack-groups-capitalise-on-russia-ukraine-war-for-cyber-espionage/}, language = {English}, urldate = {2022-04-05} } State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage
Loki RAT El Machete APT Backdoor Dropper Lyceum .NET DNS Backdoor Lyceum .NET TCP Backdoor Lyceum Golang HTTP Backdoor

There is no Yara-Signature yet.