SYMBOLCOMMON_NAMEaka. SYNONYMS
win.janela_rat (Back to overview)

JanelaRAT

According to Zscaler, JanelaRAT is a heavily modified variant of BX RAT. Its focus is set on harvesting LATAM financial data and its method of extracting window titles for transmission underscores its targeted and stealthy nature. With an adaptive approach utilizing dynamic socket configuration and exploiting DLL side-loading from trusted sources, JanelaRAT poses a significant threat.

References
2023-08-10ZscalerGaetano Pellegrino, Sudeep Singh
JanelaRAT - Repurposed BX RAT variant targeting FinTech users in the LATAM region
JanelaRAT

There is no Yara-Signature yet.