GOVRAT V2.0
ATTACKING US MILITARY AND GOVERNMENT

GovRAT V.2 FEATURES
• Access C&C with any browser.
• Compile C&C for Linux OR Windows.
• Cannot be reversed without the private key. 0day anti-debugging.
• Automatically maps all hard disks and network disks.
• Creates a map of files to browse even when the target is offline.
• Remote shell/command execution.
• Upload files or Upload and Execute files to target.
• Download files from target. All files are compressed with LZMA for faster downloads and encrypted on transport.
• Customized encryption for communications. No two machines will use the same key (ever).
• SSL Support for communication. (you have to get your own *Valid* SSL certificate to use this).
• Does not use SOCKS libraries. Uses special Windows APIs to communicate and cannot be blocked.
• C&C creates a one-time password every time the user logs in for extra security.
• Comes with source for FUD keylogger that sends keys to another server.
• Excellent for long term campaigns where a stable connection is needed.

UPDATES
• %100 FUD Again after Blue Coat discovered the RAT.
• Network spreading module (using ARP/MITM to hijack all exe downloads) - turns on and off with 1 click.
• Endpoint bypass
• 360 bypass

ADDITIONAL UPDATES (APRIL 28, 2016)
• Browser password dumper (all common browsers)
• Mail password dumper (all common all clients)
• Cleartext network password sniffer (many modules including http, ftp, imap, pop3, etc...)
• Network shares password dumper (saved passwords)
• USB spread with 2 options (1. fake shortcut method, 2. DLL Hijacking of common applications based on private list and research)
• TOR onion domain support added!

COST
• $1,000: Gets you basic bin and C&C code (no extra modules)
• $1,600: Gets you bin and C&C code (all modules)
• $3,000: Gets you basic source code (no modules)
• $6,000: Gets you source of everything