216.73.217.172

PoetRAT

The MITRE Corporation · Published 27/04/2020 22:21 · Modified 27/03/2026 01:06 Family

Essential information

Confidence
100/100
Is family
Yes
Published
27/04/2020 22:21
Modified
27/03/2026 01:06
Revoked
No
Author / Source
The MITRE Corporation
Related entities
35 attack patterns (mitre)

Description

[PoetRAT](https://attack.mitre.org/software/S0428) is a remote access trojan (RAT) that was first identified in April 2020. [PoetRAT](https://attack.mitre.org/software/S0428) has been used in multiple campaigns against the private and public sectors in Azerbaijan, including ICS and SCADA systems in the energy sector. The STIBNITE activity group has been observed using the malware. [PoetRAT](https://attack.mitre.org/software/S0428) derived its name from references in the code to poet William Shakespeare. (Citation: Talos PoetRAT April 2020)(Citation: Talos PoetRAT October 2020)(Citation: Dragos Threat Report 2020)

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references