[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:11
[ALL_FAMILIES]

MasonRAT

rat1 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
MasonRAT
CATEGORY:
RAT
DESCRIPTION:
MasonRAT is a Remote Access Trojan (RAT) that has been observed in targeted attacks against Windows Server environments. The malware is designed to provide remote access to compromised systems and has been detected using Elastic SIEM for threat hunting and analysis.
ALIASES:
MasonRAT
TAGS:
remote_accesswindows_serverc2threat_huntingelastic_siem

[MUTEX_SIGNATURES](1)

[MUTEX_01]
rmldKj40qW2UTlEe
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://daniyyell.com/threat%20hunting/tools/malware%20analysis/Threat-Hunting-on-Windows-Server-2016-Uncovering-Hidden-C2-Malware-Using-Elastic-SIEM/

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
Unknown
FIRST_OBSERVED:
2024

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:1
THREAT_ACTORS:1
ALIASES:1
TAGS:5
CATEGORY:RAT
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]