 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: MagicRAT| Names | MagicRAT | |
| Category | Malware | |
| Type | Backdoor | |
| Description | (Talos) MagicRAT is programmed in C++ programming language and uses the Qt Framework by statically linking it to the RAT on 32- and 64-bit versions. The Qt Framework is a programming library for developing graphical user interfaces, of which this RAT has none. Talos believes that the objective was to increase the complexity of the code, thus making human analysis harder. On the other hand, since there are very few examples (if any) of malware programmed with Qt Framework, this also makes machine learning and heuristic analysis detection less reliable. | |
| Information | <https://blog.talosintelligence.com/2022/09/lazarus-magicrat.html> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.magic_rat> | |
Last change to this tool card: 27 December 2022
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
 | Lazarus Group, Hidden Cobra, Labyrinth Chollima |  | 2007-Sep 2024  |  | |
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |