ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool RotBot

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: RotBot

NamesRotBot
CategoryMalware
TypeReconnaissance, Backdoor, Keylogger, Credential stealer, Info stealer, Exfiltration, Tunneling
Description(Talos) RotBot, the QuasarRAT client variant, in its initial execution phase, performs several detection evasion checks on the victim machine and conducts system reconnaissance. RotBot then connects to a host on a legitimate domain, likely controlled by the threat actor, and downloads the configuration file for the RotBot to connect to the C2. CoralRaider uses the Telegram bot as the C2 channel in this campaign.
Information<https://blog.talosintelligence.com/coralraider-targets-socialmedia-accounts/>

Last change to this tool card: 18 June 2024

Download this tool card in JSON format

All groups using tool RotBot

ChangedNameCountryObserved

Other groups

 CoralRaiderVietnam2023-Feb 2024 

1 group listed (0 APT, 1 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]