Qarallax (179288c9-4ff1-4a7e-b728-35dd2e6aac43)
Travelers applying for a US Visa in Switzerland were recently targeted by cyber-criminals linked to a malware called QRAT. Twitter user @hkashfi posted a Tweet saying that one of his friends received a file (US Travel Docs Information.jar) from someone posing as USTRAVELDOCS.COM support personnel using the Skype account ustravelidocs-switzerland (notice the “i” between “travel” and “docs”).
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Qarallax (179288c9-4ff1-4a7e-b728-35dd2e6aac43) | RAT | qrat (c3a784ee-cef7-4604-a5ba-ec7b193a5152) | Tool | 1 |
| qrat (c3a784ee-cef7-4604-a5ba-ec7b193a5152) | Tool | QRat (ef385825-bfa1-4e8c-b368-522db78cf1bd) | Malpedia | 2 |