Skip to content

JPCERTCC/GobRAT-Analysis

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
C2EmulationTool
C2EmulationTool
 
 
DecryptTool
DecryptTool
 
 
Demo
Demo
 
 
IoC_C2Scan
IoC_C2Scan
 
 
Slide
Slide
 
 
YaraGenerateTool
YaraGenerateTool
 
 
YaraRule
YaraRule
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

GobRAT-Analysis

This repository publishes analysis reports and analysis tools for GobRAT

IoC_C2Scan

IoC in CSV format with C2 scan over a long period of time

https://github.com/JPCERTCC/GobRAT-Analysis/blob/main/IoC_C2Scan/ioc_c2.csv

C2EmulationTool

C2 emulation tool written by golang that supports analysis of GobRAT malware. For more information, see https://github.com/JPCERTCC/GobRAT-Analysis/tree/main/C2EmulationTool

DecryptTool

IDA Python tool to decrypt GobRAT strings for x86-64

https://github.com/JPCERTCC/GobRAT-Analysis/blob/main/DecryptTool/Decrypt_GobRAT.py

YaraGenerateTool

IDA Python tool for automatic generation of GobRAT yara rules for x86, x86-64, MIPS and ARM

https://github.com/JPCERTCC/GobRAT-Analysis/blob/main/YaraGenerateTool/YaraGene_GobRAT_MultiArch.py

YaraRule

GobRAT yara rule for x86, x86-64, MIPS and ARM

https://github.com/JPCERTCC/GobRAT-Analysis/tree/main/YaraRule

Slide

About

No description, website, or topics provided.

Resources

Readme

License

View license
Activity
Custom properties

Stars

1 star

Watchers

7 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages