GoRAT
Go-based AsyncClientRAT. writeKeyLog TLS session key logging. victim string. WriteProcessMemory SetThreadContext process injection. CryptUnprotectData PFXImportCertStore credential theft. CreateServiceW persistence. SMB/DNS lateral movement.
Threat Profile
Type
RAT
Programming LanguageGo
C2 ProtocolTLS/HTTPS
First Seen2023
Targets
Küresel
Purpose / Capabilities
- Remote Access/Credential Theft/Lateral Movement
No C2 servers have been identified for this family yet.
Research Reports (1)
AsyncClientGoRAT -- writeKeyLog KeyLogWriter TLS Oturum Anahtarı Kaydı, victim Kurban Takip Stringi, WriteProcessMemory SetThreadContext Proses Enjeksiyonu, CryptUnprotectData PFXImportCertStore Kimlik Çalma | Kritik
Go tabanlı AsyncClient.exe 4MB RAT. writeKeyLog KeyLogWriter TLS oturum anahtari kaydedici. victim kurban takip stringi. WriteProcessMemory SetThreadContext proses enjeksiyonu. CryptUnprotectData PFXImportCertStore kimlik calma.
Read Report →