SSLove RAT - Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 14:24:01 UTC
Home > List all groups > List all tools > List all groups using tool SSLove RAT
 Tool: SSLove RAT
Names SSLove RAT
Category Malware
Type Reconnaissance, Backdoor, Info stealer, Exfiltration
Description
(Qihoo 360) The main features of the Android sample in this attack are as follows:
• Get contact
• Get SMS
• Get location
• Get WhatsApp chathistory
• Get call history
• Get file list
• Upload file
• Get device information
• Get account information
• Take a photo
In the process of stealing privacy, SSlove RAT uses a remote SQL Server database to store
stolen information such as contacts, text messages, location, WhatsApp chat records, and
uploads images, audios, and other files to its FTP server.
Information <http://blogs.360.cn/post/SEA_role_influence_cyberattacks.html>
Last change to this tool card: 20 April 2020
Download this tool card in JSON format
All groups using tool SSLove RAT
Changed Name Country Observed
APT groups
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fd4b91f1-bacf-484e-a03d-9f013a88f85f
Page 1 of 2

↳ Subgroup: Pat Bear, APT-C-37 2015  
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fd4b91f1-bacf-484e-a03d-9f013a88f85f
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fd4b91f1-bacf-484e-a03d-9f013a88f85f
Page 2 of 2