win.astarion_rat

AstarionRAT

aka: MIMICRAT

According to Huntress, AstarionRAT is a full-featured RAT with 24 commands, including credential theft, SOCKS5 proxy, port scanning, reflective code loading, and shell execution, with RSA-encrypted C2 communication disguised as application telemetry.

References
2026-02-19 | Elastic | Elastic Security Labs
MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites
AstarionRAT

2026-02-16 | Huntress Labs | Anna Pham, Michael Tigges
ClickFix Won't Die. Neither Will Matanbuchus. A New RAT and a Hands-on-Keyboard Intrusion
AstarionRAT, Matanbuchus

There is no Yara-Signature yet.