Symbol: win.almondrat

AlmondRAT

Actor(s): HAZY TIGER


AlmondRAT is a .NET Remote Access Trojan deployed by the Bitter APT group. It can collect system information, modify and exfiltrate data, and allows for remote command execution.

References
2022-07-05, SECUINFRA, SECUINFRA Falcon Team: Whatever floats your Boat – Bitter APT continues to target Bangladesh
https://www.secuinfra.com/en/techtalk/whatever-floats-your-boat-bitter-apt-continues-to-target-bangladesh/ (language: English, accessed 2022-07-13)
Families: AlmondRAT, Artra Downloader, Bitter RAT, ZxxZ

There is no Yara-Signature yet.