Symbol: win.boratrat

Borat RAT


The Borat RAT comes bundled with its components (e.g. binary builder, supporting modules, server certificates). According to Cyble, this malware is a unique combination of RAT, spyware, and ransomware.
The supporting modules are included; a few of their capabilities are keylogging, ransomware, audio/webcam recording, process hollowing, and browser credential/Discord token stealing, among others.

References
2022-04-28, Blackberry, The BlackBerry Research & Intelligence Team: Threat Thursday: BoratRAT
https://blogs.blackberry.com/en/2022/04/threat-thursday-boratrat (accessed 2022-05-08)

2022-04-03, Bleeping Computer, Bill Toulas: New Borat remote access malware is no laughing matter
https://www.bleepingcomputer.com/news/security/new-borat-remote-access-malware-is-no-laughing-matter/ (accessed 2022-04-04)

2022-03-31, Cyble: Deep Dive Analysis - Borat RAT
https://blog.cyble.com/2022/03/31/deep-dive-analysis-borat-rat/ (accessed 2022-04-04)

There is no Yara-Signature yet.