GravityRAT
MITRE
Tipo Malware:
Other
Other
Prima attivita:
Unknown
Unknown
Ultima attivita:
Unknown
Unknown
Dettagli:
[GravityRAT](https://attack.mitre.org/software/S0237) is a remote access tool (RAT) and has been in ongoing development since 2016. The actor behind the tool remains unknown, but two usernames have been recovered that link to the author, which are "TheMartian" and "The Invincible." According to the National Computer Emergency Response Team (CERT) of India, the malware has been identified in attacks against organization and entities in India. (Citation: Talos GravityRAT)
Tecniche Associate (19)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1005 | Data from Local System | - |
| T1007 | System Service Discovery | - |
| T1016 | System Network Configuration Discovery | - |
| T1025 | Data from Removable Media | - |
| T1027.005 | Indicator Removal from Tools | - |
| T1027.013 | Encrypted/Encoded File | - |
| T1033 | System Owner/User Discovery | - |
| T1047 | Windows Management Instrumentation | - |
| T1049 | System Network Connections Discovery | - |
| T1053.005 | Scheduled Task | - |
| T1057 | Process Discovery | - |
| T1059.003 | Windows Command Shell | - |
| T1071.001 | Web Protocols | - |
| T1082 | System Information Discovery | - |
| T1083 | File and Directory Discovery | - |
Metadata
| ID: | 79 |
| Created: | 13/01/2026 17:48 |
| Updated: | 21/04/2026 04:00 |