WshRAT
WshRAT Windows Scripting Host RAT. TTCOPYREF VBS cargo tracking delivery. Long random variable obfuscation. String concatenation payload reconstruction.
Threat Profile
Type
RAT
Programming LanguageVBScript
C2 ProtocolTCP/HTTP
First Seen2019
Targets
Küresel
Purpose / Capabilities
- Remote Access/Keylogger
No C2 servers have been identified for this family yet.
Research Reports (1)
WshRAT -- TTCOPYREF251088.vbs VBS Takip Numaralı Teslimat, jcYlyhzds...QqoK Çok Uzun Karakter Rastgele Değişken Adı Obfuskayon, Dize Birleştirme Şifreli Payload Rekonstrüksiyon | Orta
WshRAT 1.8MB TTCOPYREF251088.vbs takip numarali VBS teslimat. jcYlyhzdsjCoseSkpwVLhJnPZKnbEqdkMseQQqoK uzun rastgele degisken ismi obfuskasyon. Dize birlestirme sifreleme.
Read Report →