Python RAT with a Nice Screensharing Feature
Nov. 5, 2024, 12:33 p.m.
Tags
External References
Description
A Python Remote Access Trojan (RAT) with advanced capabilities, including a notable screensharing feature, has been discovered. The RAT, based on a two-year-old script, has a low detection rate on VirusTotal. It offers numerous functions to control the victim's computer, such as shell access, webcam control, and registry manipulation. The screensharing feature utilizes the 'vidstream' Python library, enabling real-time viewing of the victim's screen. A proof-of-concept demonstrated the RAT's ability to stream the victim's screen to the attacker's computer. This exemplifies Python's growing popularity among attackers for creating sophisticated malware, even for Windows environments.
Date
Published: Nov. 5, 2024, 11:42 a.m.
Created: Nov. 5, 2024, 11:42 a.m.
Modified: Nov. 5, 2024, 12:33 p.m.
Indicators
1281b7184278f2a4814b245b48256da32a6348b317b83c440008849a16682ccb
Attack Patterns
Python RAT
T1569.002
T1021.001
T1059.006
T1552.001
T1120
T1553.002
T1115
T1547.001
T1056.001
T1113
T1562.001
T1016
T1070
T1518
T1082
T1057
T1105
T1083
T1055