Yellow RAT Lab

Yellow RAT Lab

Scenario

Scenario

Questions

hash

30E527E45F50D2BA82865C5679A6FA998EE0A1755361AB01673950810D071C85

virustotal results

name of the malware family that causes abnormal network traffic

community section https://redcanary.com/blog/threat-intelligence/yellow-cockatoo/

i was expecting IOCs in article but nope

graph after login in to virustotal

othewise in relation tab

graph

click on that it will lead to same
in details tab

detail section

compilation timestamp of the malware

details section

When was the malware first submitted to VirusTotal

details section

name of the .dat file that the malware dropped in the AppData folder
read red canary article

red canary article

C2 server that the malware is communicating with?

red canary article