Threat Profile: Rokrat Trojan
Tags
cmtmf-attack-pattern: Code Injection
country: North Korea
maec-delivery-vectors: Watering Hole
attack-pattern: Data Code Injection - T1540 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001
Show in Graph
Common Information
Type Value
UUID eaf2aba7-02c1-42b5-86c3-315a691c396c
Fingerprint e1440d2d2bae57ce
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 2, 2018, 7:59 p.m.
Added to db Jan. 18, 2023, 7:36 p.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline Threat Profile: Rokrat Trojan
Title Threat Profile: Rokrat Trojan
Detected Hints/Tags/Attributes 41/4/9
Source URLs
Redirection Url
Details Source http://blog.morphisec.com/threat-profile-rokrat
URL Provider
Details Provider Source level domain
Details morphisec.com blog.morphisec.com
Attributes
Details Type #Events CTI Value
Details CVE 7 
cve-2013-0808
Details Domain 261 
blog.talosintelligence.com
Details File 2127 
cmd.exe
Details File 2 
rokrat-reloaded.html
Details File 2 
introducing-rokrat.html
Details sha256 3 
9b383ebc1c592d5556fec9d513223d4f99a5061591671db560faf742dd68493f
Details sha256 3 
a29b07a6fe5d7ce3147dd7ef1d7d18df16e347f37282c43139d53cce25ae7037
Details Url 2 
http://blog.talosintelligence.com/2017/11/rokrat-reloaded.html
Details Url 2 
http://blog.talosintelligence.com/2017/04/introducing-rokrat.html