SYMBOLCOMMON_NAMEaka. SYNONYMS
win.agewheeze (Back to overview)

AGEWHEEZE

Actor(s): Cyber Serp

According to CERT-UA, AGEWHEEZE is a RAT-type software tool developed using the Go programming language. In addition to the standard functionality for such programs, including command execution and file management, it supports screen capture, mouse and keyboard emulation, clipboard operation, and process and service management. The OS registry, Startup directory, or scheduled task can be used to ensure persistence. Web sockets are used to communicate with the management server.

References
2026-04-01SOC PrimeDaryna Olyniychuk
UAC-0255 Attack Detection: Threat Actors Impersonate CERT-UA to Infect Ukrainian Public and Private Sector Organizations With AGEWHEEZE RAT
AGEWHEEZE Cyber Serp
2026-03-29Cert-UACert-UA
UAC-0255 cyberattack disguised as a notification from CERT-UA using the AGEWHEEZE software tool (CERT-UA#21075)
AGEWHEEZE Cyber Serp

There is no Yara-Signature yet.