GoRAT

Go-based AsyncClientRAT. writeKeyLog TLS session key logging. victim string. WriteProcessMemory SetThreadContext process injection. CryptUnprotectData PFXImportCertStore credential theft. CreateServiceW persistence. SMB/DNS lateral movement.

Threat Profile
Type: RAT
Programming Language: Go
C2 Protocol: TLS/HTTPS
First Seen: 2023
Targets: Global
Purpose / Capabilities
  • Remote Access/Credential Theft/Lateral Movement
No C2 servers have been identified for this family yet.

Research Reports (1)

Critical

AsyncClientGoRAT -- writeKeyLog KeyLogWriter TLS Session Key Logging, victim Victim-Tracking String, WriteProcessMemory SetThreadContext Process Injection, CryptUnprotectData PFXImportCertStore Credential Theft | Critical

Go-based AsyncClient.exe, a 4MB RAT. writeKeyLog KeyLogWriter TLS session key logger. victim victim-tracking string. WriteProcessMemory SetThreadContext process injection. CryptUnprotectData PFXImportCertStore credential theft.
