Introduction
In the ever-evolving landscape of cybersecurity threats, a new menace has emerged. Named ‘Nood RAT,’ this variant of the infamous Gh0st RAT has set its sights on Linux systems, posing significant risks to users and organizations alike.
Topic on Nood RAT: Understanding Nood RAT
Exploring the Origins and Capabilities
Nood RAT in Action
Instances and Attack Patterns
Countermeasures Against Nood RAT
Best Practices for Protection
Conclusion
The emergence of Nood RAT underscores the importance of staying vigilant in the face of evolving cyber threats. By understanding its modus operandi and implementing robust security measures, users can fortify their defenses against this stealthy intruder.
Suggestion
As the threat landscape continues to evolve, proactive measures such as regular security audits, employee training, and the deployment of advanced threat detection tools are crucial in safeguarding against emerging threats like Nood RAT.
Source: Blog Post
Source Reliability: Trustworthy
Information Reliability: Confirmed
Motivation: Unknown
Source Category: Technical Intelligence
Severity: Low
Indicator of Compromise (IOC) Information: