WshRAT

WshRAT Windows Scripting Host RAT. TTCOPYREF VBS cargo tracking delivery. Long random variable obfuscation. String concatenation payload reconstruction.

Threat Profile
Type RAT
Programming LanguageVBScript
C2 ProtocolTCP/HTTP
First Seen2019
Targets Küresel
Purpose / Capabilities
  • Remote Access/Keylogger
No C2 servers have been identified for this family yet.

Research Reports (1)

Medium

WshRAT -- TTCOPYREF251088.vbs VBS Takip Numaralı Teslimat, jcYlyhzds...QqoK Çok Uzun Karakter Rastgele Değişken Adı Obfuskayon, Dize Birleştirme Şifreli Payload Rekonstrüksiyon | Orta

WshRAT 1.8MB TTCOPYREF251088.vbs takip numarali VBS teslimat. jcYlyhzdsjCoseSkpwVLhJnPZKnbEqdkMseQQqoK uzun rastgele degisken ismi obfuskasyon. Dize birlestirme sifreleme.

Read Report →