Malware

Brute Ratel

First seen: 2020-12 • Status: active

Currently Active Threat

Brute Ratel is an expensive hacking tool designed to avoid detection. A pirated copy leaked online and is now used by criminals worldwide.

Overview

Brute Ratel is a commercial adversary simulation tool designed to evade EDR. A cracked version leaked and is now widely used by threat actors.

Also Known As

Brute Ratel C4, BRc4

How It Spreads

  • Targeted attacks
  • Initial access broker delivery

What It Does

  • EDR evasion
  • Command and control
  • Post-exploitation

Target Platforms

Windows

Detection Tips

  • Look for BRc4-specific artifacts
  • Monitor for badger behavior

MITRE ATT&CK Techniques

T1071, T1059, T1562

If You're Infected

  1. Engage incident response team
  2. Full network investigation

Related Malware

Cobalt Strike, Sliver
