 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: KHRAT| Names | KHRAT | |
| Category | Malware | |
| Type | Reconnaissance, Backdoor, Keylogger, Info stealer | |
| Description | (Palo Alto) KHRAT is a Trojan that registers victims using their infected machine’s username, system language and local IP address. KHRAT provides the threat actors typical RAT features and access to the victim system, including keylogging, screenshot capabilities, remote shell access and so on. | |
| Information | <https://unit42.paloaltonetworks.com/unit42-updated-khrat-malware-used-in-cambodia-attacks/> <https://blogs.forcepoint.com/security-labs/trojanized-adobe-installer-used-install-dragonok%E2%80%99s-new-custom-backdoor> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.khrat> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:KHRAT> | |
Last change to this tool card: 14 May 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| DragonOK |  | 2015-Jan 2017 | |||
| Rancor | | 2017 | |||
2 groups listed (2 APT, 0 other, 0 unknown)
|
Infrastructure and Security Department Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |