Unexpected outbound network connections to unknown IP addresses.

HIVERAT.rar
Reads the computer name and system information to identify the target.
May modify autorun registry keys to ensure it launches every time the computer restarts.

3. Network Activity (C2)
If executed, prioritize changing passwords for browsers and messaging apps (Discord, etc.) from a separate, clean device.
New, suspicious entries in the Windows folder or Registry Run keys.

🛠️ Mitigation & Safety

If you have encountered this file:
- Do not extract or run the contents of the archive.
- Quarantine/Delete the file immediately.
- Run a Full Scan with a reputable antivirus provider.
Includes features for monitoring the victim's desktop and keyboard activity.