Unidentified 066 (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.unidentified_066 (Back to overview)

Unidentified 066

Actor(s): Operation C-Major

This .net executable can receive commands from c2 sever, upload and download files according to the returned content, perform an uninstall, or modify the registry to achieve persistence across reboots. At the end, it downloads a Python-based RAT, called PeppyRAT.

References

2019-03-05 ⋅ ⋅ Tencent ⋅ Tencent
TransparentTribe APT organizes 2019 attacks on Indian government and military targets
Crimson RAT Unidentified 066 Operation C-Major

There is no Yara-Signature yet.

Unidentified 066 Propose Change

References

Unidentified 066