SYMBOLCOMMON_NAMEaka. SYNONYMS
py.pyration (Back to overview)

PY#RATION


According to Securonix, this malware exhibits remote access trojan (RAT) behavior, allowing for control of and persistence on the affected host. As with other RATs, PY#RATION possesses a whole host of features and capabilities, including data exfiltration and keylogging. What makes this malware particularly unique is its utilization of websockets for both command and control (C2) communication and exfiltration as well as how it evades detection from antivirus and network security measures.

References
2023-01-25SecuronixDen Iyzvyk, Oleg Kolesnikov, Tim Peck
Securonix Security Advisory: Python-Based PY#RATION Attack Campaign Leverages Fernet Encryption and Websockets to Avoid Detection
PY#RATION

There is no Yara-Signature yet.