🔴 Reversing BRc4 Red-Teaming Tool Used by APT 29
On May 19, a malicious payload associated with Brute Ratel C4 (BRc4) was uploaded to VirusTotal, where it received a benign verdict from all 56 vendors that evaluated it. Beyond the obvious detection concerns, we believe this sample is also significant in terms of its malicious payload, command and control (C2), and packaging.
Blog post:
https://unit42.paloaltonetworks.com/brute-ratel-c4-tool/
Reversing the Malware by IppSec:
https://youtu.be/a7W6rhkpVSM
#maldev #c2 #brc4
Unit 42
When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
Pentest and adversary emulation tool Brute Ratel C4 is effective at defeating modern detection capabilities – and malicious actors have begun to adopt it.
This post provides a technical analysis of a Brute Ratel C4 badger/agent, a Red Team tool. The analysis includes API hashing, memory injection, encrypted C2 communications, and the first 20 C2 commands for remote control.
🔗 Source:
https://cybergeeks.tech/a-deep-dive-into-brute-ratel-c4-payloads/
#analysis #brc4 #redteam #blueteam