AllaKore (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.allakore (Back to overview)

AllaKore

AllaKore is a simple Remote Access Tool written in Delphi, first observed in 2015 but still in early stages of development. It implements the RFB protocol which uses frame buffers and thus is able to send back only the changes of screen frames to the controller, speeding up the transport and visualization control.

References

2023-11-06 ⋅ Seqrite ⋅ Sathwik Ram Prakki
SideCopy’s Multi-platform Onslaught: Leveraging WinRAR Zero-Day and Linux Variant of Ares RAT
Action RAT AllaKore

2023-04-19 ⋅ Team Cymru ⋅ S2 Research Team
AllaKore(d) the SideCopy Train
AllaKore

2023-01-01 ⋅ ThreatMon ⋅ Seyit Sigirci (@h3xecute), ThreatMon Malware Research Team
The Anatomy of a Sidecopy Attack: From RAR Exploits to AllaKore RAT
AllaKore

2021-10-26 ⋅ Kaspersky ⋅ Kaspersky Lab ICS CERT
APT attacks on industrial organizations in H1 2021
8.t Dropper AllaKore AsyncRAT GoldMax LimeRAT NjRAT NoxPlayer Raindrop ReverseRAT ShadowPad Zebrocy

2021-07-07 ⋅ Talos Intelligence ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal
AllaKore NjRAT SideCopy

2021-07-07 ⋅ Talos ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal
AllaKore Lilith NjRAT

2021-07-07 ⋅ Talos ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal (IOCs)
AllaKore Lilith NjRAT

2021-07-07 ⋅ Talos ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal (Network IOCs)
AllaKore Lilith NjRAT

2021-07-02 ⋅ Cisco ⋅ Asheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal
AllaKore CetaRAT Lilith NjRAT ReverseRAT

2020-09-23 ⋅ Seqrite ⋅ Goutam Tripathy, Kalpesh Mantri, Pawan CHaudhari
Operation SideCopy: An insight into Transparent Tribe’s sub-division which has been incorrectly attributed for years
CACTUSTORCH AllaKore

2019-12-31 ⋅ Twitter (@_re_fox) ⋅ _re_fox
Tweet on AllaKore indicators
AllaKore

2019-07-08 ⋅ Medium Sebdraven ⋅ Sébastien Larinier
Copy cat of APT Sidewinder ?
AllaKore SideCopy

2015-10-19 ⋅ Github (Anderson-D) ⋅ Anderson D
Github Repository for AllaKore
AllaKore

There is no Yara-Signature yet.

AllaKore Propose Change

References

AllaKore