S0428Windows

S0428PoetRAT

Platforms
1
ATT&CK
14.1
References
4

Description

[PoetRAT](https://attack.mitre.org/software/S0428) is a remote access trojan (RAT) that was first identified in April 2020. [PoetRAT](https://attack.mitre.org/software/S0428) has been used in multiple campaigns against the private and public sectors in Azerbaijan, including ICS and SCADA systems in the energy sector. The STIBNITE activity group has been observed using the malware. [PoetRAT](https://attack.mitre.org/software/S0428) derived its name from references in the code to poet William Shakespeare. (Citation: Talos PoetRAT April 2020)(Citation: Talos PoetRAT October 2020)(Citation: Dragos Threat Report 2020)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0428
  2. https://hub.dragos.com/hubfs/Year-in-Review/Dragos_2020_ICS_Cybersecurity_Year_In_Review.pdf?hsCtaTracking=159c0fc3-92d8-425d-aeb8-12824f2297e8%7Cf163726d-579b-4996-9a04-44e5a124d770
  3. https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html
  4. https://blog.talosintelligence.com/2020/10/poetrat-update.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
RDAT
Software
Action RAT
Software
Winnti for Windows
Software
BBSRAT
Software
4H RAT
Software
ROKRAT
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.