VenomRAT2
VenomRAT SCMConfig LsaConfigFlags service persistence. NtQueryInformationProcess triple anti-debug. Windows service install.
Threat Profile
Type: RAT
Programming Language: C#/.NET
C2 Protocol: TCP/HTTPS
First Seen: 2021
Targets
Global
Purpose / Capabilities
- Remote Access
No C2 servers have been identified for this family yet.
Research Reports (1)
VenomRAT -- SCMConfig LsaConfigFlags Service Persistence, NtQueryInformationProcess Triple Anti-Debug | High
VenomRAT 1.5MB. SCMConfig LsaConfigFlags ConfigureAppInstallControlE Windows service persistence. NtQueryInformationProcess GetTickCount IsDebuggerPresent triple anti-debug.