SYMBOLCOMMON_NAMEaka. SYNONYMS
py.poet_rat (Back to overview)

Poet RAT


Cisco Talos has discovered a Python-based RAT they call Poet RAT. It is dropped from a Word document and delivered including a Python interpreter and required libraries. The name originates from references to Shakespeare. Exfiltration happens through FTP.

References
2023-03-14Cisco TalosAsheer Malhotra, Vitor Ventura
Talos uncovers espionage campaigns targeting CIS countries, embassies and EU health care agency
Poet RAT Loda Kasablanka YoroTrooper
2021-03-29DragosDragos
New ICS Threat Activity Group: STIBNITE
Poet RAT
2021-02-18PTSecurityPTSecurity
https://www.ptsecurity.com/ww-en/analytics/antisandbox-techniques/
Poet RAT Gravity RAT Ketrican Okrum OopsIE Remcos RogueRobinNET RokRAT SmokeLoader
2020-12-21Cisco TalosJON MUNSHAW
2020: The year in malware
WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader
2020-11-03Kaspersky LabsGReAT
APT trends report Q3 2020
WellMail EVILNUM Janicab Poet RAT AsyncRAT Ave Maria Cobalt Strike Crimson RAT CROSSWALK Dtrack LODEINFO MoriAgent Okrum PlugX poisonplug Rover ShadowPad SoreFang Winnti
2020-10-06TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
PoetRAT: Malware targeting public and private sector in Azerbaijan evolves
Poet RAT
2020-09-24Kaspersky LabsKaspersky Lab ICS CERT
Threat landscape for industrial automation systems - H1 2020
Poet RAT Mailto Milum RagnarLocker REvil Ryuk Snake
2020-07-14Cyborg SecurityAustin Jackson
PYTHON MALWARE ON THE RISE
Poet RAT PyLocky SEADADDY
2020-04-16Cisco TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
Poet RAT

There is no Yara-Signature yet.