GitHub - kevthehermit/RATDecoders: Python Decoders for Common Remote Access Trojans
Tags
| attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Tool - T1588.002 Sudo - T1169 |
Common Information
| Type | Value |
|---|---|
| UUID | c63bf5dc-4608-4f90-a460-ca2d2ca5cab0 |
| Fingerprint | 1284195cdb8674ca |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 19, 2021, midnight |
| Added to db | Sept. 26, 2022, 9:33 a.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | kevthehermit/RATDecoders |
| Title | GitHub - kevthehermit/RATDecoders: Python Decoders for Common Remote Access Trojans |
| Detected Hints/Tags/Attributes | 50/1/19 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://github.com/kevthehermit/RATDecoders |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 138 | setup.py |
|
| Details | Domain | 13 | malware.lu |
|
| Details | Domain | 79 | code.google.com |
|
| Details | Domain | 184 | www.fireeye.com |
|
| Details | Domain | 1 | www.matasano.com |
|
| Details | 16 | git@github.com |
||
| Details | File | 144 | requirements.txt |
|
| Details | File | 127 | setup.py |
|
| Details | File | 41 | sample.exe |
|
| Details | File | 1 | module.config |
|
| Details | File | 1 | xtremerat-nuisance-or-threat.html |
|
| Details | File | 1 | pest-control.pdf |
|
| Details | Github username | 12 | virustotal |
|
| Details | IPv4 | 2 | 213.208.129.211 |
|
| Details | Url | 1 | https://github.com/virustotal/yara-python |
|
| Details | Url | 1 | https://code.google.com/p/malware-lu/wiki/en_xtreme_rat |
|
| Details | Url | 1 | http://www.fireeye.com/blog/technical/2014/02/xtremerat-nuisance-or-threat.html |
|
| Details | Url | 1 | http://www.matasano.com/research/pest-control.pdf |