ChaChi: a New GoLang RAT

Security Alert
Published June 23, 2021

BlackBerry has identified a new type of malicious software written in the Go programming language as the operator of the PYSA ransomware campaign, which has been targeting education institutions across the United States and Canada.

T1059.001 – PowerShellT1059.003 – Windows Command ShellT1569.002 – Service ExecutionT1543.003 – Windows ServiceT1027 – Obfuscated Files or InformationT1057 – Process DiscoveryT1082 – System Information DiscoveryT1572 – Protocol TunnelingT1071.001 – Web ProtocolsT1090.002 – External ProxyT1001 – Data ObfuscationT1008 – Fallback ChannelsT1573.001 – Symmetric CryptographyT1041 – Exfiltration Over C2 ChannelT1587.001 – MalwareT1583.001 – Domains

Related Content

Ready to Simplify IT Management?

We will work with you to create a plan that meets your business needs, while helping you get more from your technology, with less work, and less worry about making it all run right.