
Researchers have discovered a new RAT, named Borat, that enables operators to gain full access and remote control of an infected system.
Unlike other RATs, the Borat RAT provides ransomware and DDoS services to attackers, expanding their capabilities. It also allows its operators to compile the malware binary for performing specific features, including DDoS and ransomware attacks.
The RAT has a modular structure; each module implements a specific functionality. Below is a list of the modules analyzed:
- Keylogger
- Ransomware
- DDoS
- Audio Recording
- Webcam recording
- Remote desktop
- Reverse proxy
- Device information
- Process hollowing
- Credential stealing
- Discord token stealing
The Borat RAT can also perform the following activities to disturb victims: Play Audio, Swap Mouse Buttons, Show/hide the Desktop, Show/hide the taskbar, Hold Mouse, Enable/Disable webcam light, Hang System, Monitor Off, Blank screen, etc.
Indicators of Compromise