RAFEL RAT, ANDROID MALWARE FROM ESPIONAGE TO RANSOMWARE OPERATIONS
June 20, 2024, 6:12 p.m.
Description
Check Point Research has identified multiple threat actors utilizing Rafel, an open-source remote administration tool (RAT). The discovery of an espionage group leveraging Rafel in their operations was of particular significance, as it indicates the tool’s efficacy across various threat actor profiles and operational objectives.
Date
Published: June 20, 2024, 5:50 p.m.
Created: June 20, 2024, 5:50 p.m.
Modified: June 20, 2024, 6:12 p.m.
Indicators
Attack Patterns
Rafel RAT
T1565
T1211
T1486
T1036
T1592
T1078