ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool CrossRAT

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: CrossRAT

NamesCrossRAT
Trupto
CategoryMalware
TypeBackdoor, Info stealer
Description(The Hacker News) CrossRAT is a cross-platform remote access Trojan that can target all four popular desktop operating systems, Windows, Solaris, Linux, and macOS, enabling remote attackers to manipulate the file system, take screenshots, run arbitrary executables, and gain persistence on the infected systems.

According to researchers, Dark Caracal hackers do not rely on any 'zero-day exploits' to distribute its malware; instead, it uses basic social engineering via posts on Facebook groups and WhatsApp messages, encouraging users to visit hackers-controlled fake websites and download malicious applications.

CrossRAT is written in Java programming language, making it easy for reverse engineers and researchers to decompile it.
Information<https://thehackernews.com/2018/01/crossrat-malware.html>
<https://objective-see.com/blog/blog_0x28.html>
MITRE ATT&CK<https://attack.mitre.org/software/S0235/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/jar.crossrat>

Last change to this tool card: 12 May 2020

Download this tool card in JSON format

Previous: CronBot
Next: CrossWalk

All groups using tool CrossRAT

ChangedNameCountryObserved

APT groups

 Dark CaracalLebanon2007-2020 

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key