SYMBOLCOMMON_NAMEaka. SYNONYMS
win.innfirat (Back to overview)

win.innfirat

InnifiRAT is coded in .NET and targets personal data on infected devices, with it's top priority appearing to be bitcoin and litecoin wallet data.

InffiRAT also includes a backdoor which allows attackers to control the infected host remotely. Possibilities include loggin key stroke, taking pictures with webcam, accessing confidential information, formatting drives, and more.

It attempts to steal browser cookies to steal usernames and passwords and monitors the users activities with screenshot functionality.

References
2019-09-12ZscalerRohit Chaturvedi, Sahil Antil
InnfiRAT: A new RAT aiming for your cryptocurrency and more
win.innfirat

There is no Yara-Signature yet.