
ZynorRAT technical analysis: Reverse engineering a novel, Turkish Go-based RAT

Published 10/09/2025 07:54 · Modified 10/09/2025 08:24


Essential information

Tags
2025-09-10 c2 go-based linux remote access trojan telegram turkish windows zynorrat
Related entities
48 observables, 11 techniques (mitre), 1 malware

Description

ZynorRAT is a newly discovered Go-based remote access trojan that provides a full suite of command and control capabilities for Linux and Windows systems. It was first identified in July 2025 and is believed to be of Turkish origin. The malware uses Telegram as its C2 infrastructure and offers features such as file exfiltration, system enumeration, screenshot capture, persistence through systemd services, and arbitrary command execution. The Linux version is fully functional, while the Windows version appears to be in early development. The malware's author seems to be actively working on improving its detection avoidance. ZynorRAT's capabilities include discovery, exfiltration, persistence, and remote code execution on victim machines.

External references