HoudiniRAT

HoudiniRAT H-Worm VBScript/JS based RAT. It has been active since 2014. It distributes it with BEC strains. _0x hex obfuscation. give-me-ffpv C2 command. ADODB.Stream bin.base64 loader.

Threat Profile
Type Backdoor
Programming LanguageVBScript/JavaScript
C2 ProtocolHTTP
First Seen2014
Targets Küresel/Orta Doğu
Purpose / Capabilities
  • Remote Access/Info Theft
No C2 servers have been identified for this family yet.

Research Reports (1)

High

HoudiniRAT -- IDC DCF TRANSFER.js BEC Lürü, _0x21af Array, give-me-ffpv Komutu, bin.base64 Loader | Yüksek

HoudiniRAT 230KB IDC202001281QA REF DCF TRANSFER.js BEC lur. _0x21af obfuscated array. give-me-ffpv benzersiz komut. bin.base64 rundll loader zinciri.

Read Report →