BreachRAT (Malware Family)
By Fraunhofer FKIE
Archived: 2026-04-05 13:32:40 UTC
This is a backdoor which FireEye call the Breach Remote Administration Tool (BreachRAT), written in C++. The
malware name is derived from the hardcoded PDB path found in the RAT: C:\Work\Breach Remote
Administration Tool\Release\Client.pdb
[TLP:WHITE] win_breach_rat_auto (20251219 | Detects win.breach_rat.)
Source: https://malpedia.caad.fkie.fraunhofer.de/details/win.breach_rat
https://malpedia.caad.fkie.fraunhofer.de/details/win.breach_rat
Page 1 of 1