{
	"id": "2ace7a30-5430-4c97-ab59-cfea8dda02d9",
	"created_at": "2026-04-06T00:20:14.95241Z",
	"updated_at": "2026-04-10T03:21:05.412018Z",
	"deleted_at": null,
	"sha1_hash": "cbfd9dced91c89627f2137dee7888dee3ddcc724",
	"title": "KHRAT (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 27978,
	"plain_text": "KHRAT (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 19:44:20 UTC\r\nAccording to Unit42, KHRAT is a Trojan that registers victims using their infected machine’s username, system\r\nlanguage and local IP address. KHRAT provides the threat actors typical RAT features and access to the victim\r\nsystem, including keylogging, screenshot capabilities, remote shell access and so on.\r\n[TLP:WHITE] win_khrat_auto (20251219 | Detects win.khrat.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.khrat\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.khrat\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.khrat"
	],
	"report_names": [
		"win.khrat"
	],
	"threat_actors": [],
	"ts_created_at": 1775434814,
	"ts_updated_at": 1775791265,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/cbfd9dced91c89627f2137dee7888dee3ddcc724.pdf",
		"text": "https://archive.orkl.eu/cbfd9dced91c89627f2137dee7888dee3ddcc724.txt",
		"img": "https://archive.orkl.eu/cbfd9dced91c89627f2137dee7888dee3ddcc724.jpg"
	}
}