S0694Windows

S0694DRATzarus

Platforms
1
ATT&CK
14.1
References
2

Description

[DRATzarus](https://attack.mitre.org/software/S0694) is a remote access tool (RAT) that has been used by [Lazarus Group](https://attack.mitre.org/groups/G0032) to target the defense and aerospace organizations globally since at least summer 2020. [DRATzarus](https://attack.mitre.org/software/S0694) shares similarities with [Bankshot](https://attack.mitre.org/software/S0239), which was used by [Lazarus Group](https://attack.mitre.org/groups/G0032) in 2017 to target the Turkish financial sector.(Citation: ClearSky Lazarus Aug 2020)

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupLazarus Groupg0032100%live

References

  1. https://attack.mitre.org/software/S0694
  2. https://www.clearskysec.com/wp-content/uploads/2020/08/Dream-Job-Campaign.pdf

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Bankshot
Software
RATANKBA
Software
Dacls
Software
WarzoneRAT
Software
RDAT
Software
FALLCHILL
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.