Actor(s): Silent Chollima
QuiteRAT is a simple remote access trojan written with the help of Qt libraries.
After sending preliminary system information to its C&C server, it expects a response containing either a supported command code or an actual Windows command (like systeminfo or ipconfig with parameters) to execute.
It was deployed in a campaign exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966).
2023-08-24 ⋅ Cisco Talos
Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT
2023-08-22 ⋅ AhnLab
Analyzing the new attack activity of the Andariel group
Andardoor MimiKatz QuiteRAT Tiger RAT Volgmer
2023-02-23 ⋅ Bitdefender
Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966
Cobalt Strike DarkComet QuiteRAT RATel
2023-02-02 ⋅ WithSecure
No Pineapple! –DPRK Targeting of Medical Research and Technology Sector
Dtrack GREASE QuiteRAT
There is no Yara-Signature yet.