Detect ZGRat V1

SectopRAT

SectopRAT is a remote access trojan first seen in November 2019.

SectopRAT payload

Stealc

Stealc is an infostealer written in C++.

ZGRat

ZGRat is remote access trojan written in C#.

Detect binaries embedding considerable number of MFA browser extension IDs.

Detect binaries embedding considerable number of cryptocurrency wallet browser extension IDs.

Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers.

Detects encrypted or obfuscated .NET executables

Downloads MZ/PE file