S1063Windows

S1063Brute Ratel C4

Platforms
1
ATT&CK
14.1
References
6

Description

[Brute Ratel C4](https://attack.mitre.org/software/S1063) is a commercial red-teaming and adversarial attack simulation tool that first appeared in December 2020. [Brute Ratel C4](https://attack.mitre.org/software/S1063) was specifically designed to avoid detection by endpoint detection and response (EDR) and antivirus (AV) capabilities, and deploys agents called badgers to enable arbitrary command execution for lateral movement, privilege escalation, and persistence. In September 2022, a cracked version of [Brute Ratel C4](https://attack.mitre.org/software/S1063) was leaked in the cybercriminal underground, leading to its use by threat actors.(Citation: Dark Vortex Brute Ratel C4)(Citation: Palo Alto Brute Ratel July 2022)(Citation: MDSec Brute Ratel August 2022)(Citation: SANS Brute Ratel October 2022)(Citation: Trend Micro Black Basta October 2022)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S1063
  2. https://www.mdsec.co.uk/2022/08/part-3-how-i-met-your-beacon-brute-ratel/
  3. https://bruteratel.com/
  4. https://unit42.paloaltonetworks.com/brute-ratel-c4-tool/
  5. https://www.trendmicro.com/en_us/research/22/j/black-basta-infiltrates-networks-via-qakbot-brute-ratel-and-coba.html
  6. https://www.sans.org/blog/cracked-brute-ratel-c4-framework-proliferates-across-the-cybercriminal-underground/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Bandook
Software
4H RAT
Software
Imminent Monitor
Software
StrifeWater
Software
WarzoneRAT
Software
BlackCat
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.