Cisco Talos has discovered a Python-based RAT that they call Poet RAT. It is dropped from a Word document and is delivered together with a Python interpreter and the required libraries. The name originates from references to Shakespeare. Exfiltration happens through FTP.
2020-11-03 ⋅ Kaspersky Labs
APT trends report Q3 2020
WellMail EVILNUM Janicab Poet RAT AsyncRAT Ave Maria Cobalt Strike Crimson RAT CROSSWALK Dtrack LODEINFO MoriAgent Okrum PlugX poisonplug Rover ShadowPad SoreFang Winnti
2020-10-06 ⋅ Talos
PoetRAT: Malware targeting public and private sector in Azerbaijan evolves
2020-09-24 ⋅ Kaspersky Labs
Threat landscape for industrial automation systems - H1 2020
Poet RAT Mailto Milum RagnarLocker REvil Ryuk Snake Ransomware
2020-04-16 ⋅ Cisco Talos
PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
There is no Yara-Signature yet.