Brute Ratel C4 (23043b44-69a6-5cdf-8f60-5a68068680c7)
Brute Ratel C4 is a commercial red-teaming and adversarial attack simulation tool that first appeared in December 2020. Brute Ratel C4 was specifically designed to avoid detection by endpoint detection and response (EDR) and antivirus (AV) capabilities, and deploys agents called badgers to enable arbitrary command execution for lateral movement, privilege escalation, and persistence. In September 2022, a cracked version of Brute Ratel C4 was leaked in the cybercriminal underground, leading to its use by threat actors.[Dark Vortex Brute Ratel C4][Palo Alto Brute Ratel July 2022][MDSec Brute Ratel August 2022][SANS Brute Ratel October 2022][Trend Micro Black Basta October 2022]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Brute Ratel C4 (23043b44-69a6-5cdf-8f60-5a68068680c7) | Tidal Software | BlackCat Ransomware Actors & Affiliates (33159d02-a1ce-49ec-a381-60b069db66f7) | Tidal Groups | 1 |