Rustonotto (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.rustonotto (Back to overview)

Rustonotto

aka: CHILLYCHINO

Actor(s): APT37

Rustonotto, active since June 2025, is a Rust-compiled malware, representing the first known instance of APT37 leveraging Rust-based malware to target Windows systems.

References

2025-09-08 ⋅ Zscaler ⋅ Seongsu Park
APT37 Targets Windows with Rust Backdoor and Python Loader
Rustonotto

There is no Yara-Signature yet.

Rustonotto Propose Change

References

Rustonotto