ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool CrossRAT

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: CrossRAT

NamesCrossRAT
Trupto
CategoryMalware
TypeBackdoor, Info stealer
Description(The Hacker News) CrossRAT is a cross-platform remote access Trojan that can target all four popular desktop operating systems, Windows, Solaris, Linux, and macOS, enabling remote attackers to manipulate the file system, take screenshots, run arbitrary executables, and gain persistence on the infected systems.

According to researchers, Dark Caracal hackers do not rely on any 'zero-day exploits' to distribute its malware; instead, it uses basic social engineering via posts on Facebook groups and WhatsApp messages, encouraging users to visit hackers-controlled fake websites and download malicious applications.

CrossRAT is written in Java programming language, making it easy for reverse engineers and researchers to decompile it.
Information<https://thehackernews.com/2018/01/crossrat-malware.html>
<https://objective-see.com/blog/blog_0x28.html>
MITRE ATT&CK<https://attack.mitre.org/software/S0235/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/jar.crossrat>

Last change to this tool card: 13 May 2020

Download this tool card in JSON format

All groups using tool CrossRAT

ChangedNameCountryObserved

APT groups

 Dark CaracalLebanon2007-2020 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]