Tool: RokRAT
Names | RokRAT |
Category | Malware |
Type | Reconnaissance, Backdoor, Keylogger, Credential stealer, Info stealer, Exfiltration, Downloader |
Description | (Carbon Black) ROKRAT is a Remote Access Trojan (RAT). ROKRAT provides attackers with numerous capabilities to introduce additional tools and malware onto a network, exfiltrate data, harvest credentials, as well as capture screenshots of the victim system. The latest variants of ROKRAT use internet cloud solutions such as PCloud, Dropbox, and Yandex as a command and control (C2) channel. |
Information | <https://www.carbonblack.com/2018/02/27/threat-analysis-rokrat-malware/> <http://s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/002/191/original/Talos_RokRatWhitePaper.pdf> <http://blog.talosintelligence.com/2017/04/introducing-rokrat.html> <http://blog.talosintelligence.com/2018/01/korea-in-crosshairs.html> <https://www.intezer.com/apt37-final1stspy-reaping-the-freemilk/> <http://blog.talosintelligence.com/2017/11/ROKRAT-Reloaded.html> <https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/november/rokrat-analysis/> <https://research.checkpoint.com/2023/chain-reaction-rokrats-missing-link/> <https://threatmon.io/reverse-engineering-rokrat-a-closer-look-at-apt37s-onedrive-based-attack-vector/> |
MITRE ATT&CK | <https://attack.mitre.org/software/S0240/> |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.rokrat> |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:ROKRAT> |
Last change to this tool card: 21 June 2023
All groups using tool RokRAT
1 group listed (1 APT, 0 other, 0 unknown)