Names | KHRAT | |
Category | Malware | |
Type | Reconnaissance, Backdoor, Keylogger, Info stealer | |
Description | (Palo Alto) KHRAT is a Trojan that registers victims using their infected machine’s username, system language and local IP address. KHRAT provides the threat actors typical RAT features and access to the victim system, including keylogging, screenshot capabilities, remote shell access and so on. | |
Information | <https://unit42.paloaltonetworks.com/unit42-updated-khrat-malware-used-in-cambodia-attacks/> <https://blogs.forcepoint.com/security-labs/trojanized-adobe-installer-used-install-dragonok%E2%80%99s-new-custom-backdoor> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.khrat> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:KHRAT> |
Last change to this tool card: 14 May 2020
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
DragonOK | 2015-Jan 2017 | ||||
Rancor | 2017 |
2 groups listed (2 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |