heute habe ich PupyRAT analysiert, eine Malware, die durch eine Payload mit dem Namen „Magic Hound“ mit Remote Acces und der Art von OSINT im Jahr 2020 kam.

MISP – I have just completed this room! Check it out: https://tryhackme.com/room/misp #tryhackme #security #blueteam #threatintelligence #MISP #InformationSharing #misp via @realtryhackme

More info: Pupy is an open-source, cross-platform RAT and post-exploitation framework mainly written in python. Pupy can be loaded from various loaders, including PE EXE, reflective DLL, Linux ELF, pure python, powershell and APK. Most of the loaders bundle an embedded python runtime, python library modules in source/compiled/native forms as well as a flexible configuration. They bootstrap a python runtime environment mostly in-memory for the later stages of pupy to run in. Pupy can communicate using various transports, migrate into processes, load remote python code, python packages and python C-extensions from memory.