VenomRAT2

VenomRAT SCMConfig LsaConfigFlags service persistence. NtQueryInformationProcess triple anti-debug. Windows service install.

Threat Profile
Type RAT
Programming Language C#/.NET
C2 Protocol TCP/HTTPS
First Seen 2021
Targets Global
Purpose / Capabilities
  • Remote Access
No C2 servers have been identified for this family yet.

Research Reports (1)

High

VenomRAT -- SCMConfig LsaConfigFlags Service Persistence, NtQueryInformationProcess Triple Anti-Debug | High

VenomRAT 1.5MB. SCMConfig LsaConfigFlags ConfigureAppInstallControlE Windows service persistence. NtQueryInformationProcess GetTickCount IsDebuggerPresent triple anti-debug.
