Binanen is a dropper that drops and executes a section of itself into a hidden dummy process. According to F-Secure, it executes command-line tools such as ipconfig, which is useful for retrieving the network configuration. The malware aims to steal information about the machine, the username, and installed software and, more generally, it can potentially carry out actions on the compromised machine.
2020 ⋅ Secureworks
Binanen Ghost RAT OrcaRAT APT5
2012-08-30 ⋅ Sophos
There is no Yara-Signature yet.