AlmondRAT (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.almondrat (Back to overview)

AlmondRAT

Actor(s): HAZY TIGER

AlmondRAT is a .NET Remote Access Trojan deployed by the Bitter APT group. It is capable of collecting system information, modifying and exfiltrating data and allows for remote command execution.

References

2022-07-05 ⋅ SECUINFRA ⋅ SECUINFRA Falcon Team
Whatever floats your Boat – Bitter APT continues to target Bangladesh
AlmondRAT Artra Downloader Bitter RAT ZxxZ

There is no Yara-Signature yet.

AlmondRAT Propose Change

References

AlmondRAT