GOVRAT V2.0

GOVRAT V2.0
ATTACKING US MILITARY AND GOVERNMENT
GovRAT V.2 FEATURES
• Access C&C with any browser.
• Compile C&C for Linux OR Windows.
• Cannot be reversed without the private
key. 0day anti-debugging.
• Automatically maps all hard disks and
network disks.
• Creates a map of files to browse even
when the target is offline.
• Remote shell/command execution.
• Upload files or Upload and Execute
files to target.
• Download files from target. All files
are compressed with LZMA for
faster downloads and encrypted on
transport.
• Customized encryption for
communications. No two machines will
use the same key (ever).
• SSL Support for communication. (you
have to get your own *Valid* SSL
certificate to use this).
• Does not use SOCKS libraries. Uses
special Windows APIs to communicate
and cannot be blocked.
• C&C creates a one-time password
every time the user logs in for extra
security.
• Comes with source for FUD keylogger
that sends keys to another server.
• Excellent for long term campaigns
where a stable connection is needed.
UPDATES
• %100 FUD Again after Blue Coat
discovered the RAT.
• Network spreading module
(using ARP/MITM to hijack all exe
downloads) - turns on and off
with 1 click.
• Endpoint bypass
• 360 bypass
ADDITIONAL UPDATES
(APRIL 28, 2016)
• Browser password dumper
(all common browsers)
• Mail password dumper
(all common all clients)
• Cleartext network password sniffer
(many modules including http, ftp,
imap, pop3, etc...)
• Network shares password dumper
(saved passwords)
• USB spread with 2 options
(1. fake shortcut method, 2. DLL
Hijacking of common applications
based on private list and research)
• TOR onion domain support added!
COST
• $1,000
Gets you basic bin and C&C code
(no extra modules)
• $1,600
Gets you bin and C&C code
(all modules)
• $3,000
fGets you basic source code
(no modules)
• $6,000
Gets you source of everything
3