Skip to content

Add Kurinium RAT detection rules (Discord-based Rust RAT) #455

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
MidasRX wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add Kurinium RAT detection rules (Discord-based Rust RAT) #455

MidasRX wants to merge 1 commit into from

Conversation

@MidasRX
Copy link

@MidasRX MidasRX commented Jan 29, 2026

  • YARA rules for Kurinium RAT detection
  • Kurinium is a Rust-based Discord RAT by Mikasuru
  • Detection covers: brand strings, source paths, bot commands, C2 infrastructure
  • Includes CMSTP UAC bypass, credential stealer, screenshot/webcam detection
  • Reference: https://github.com/Mikasuru/Kurinium
  • SHA256: e323c24b669727a7c4494d5bc6ab9a6a542453a303677afab3cf4f3ca08b7261

Author: MidasRX
@MidasRX
Add Kurinium RAT detection rules (Discord-based Rust RAT)
06c783c 
- Added 20 comprehensive YARA rules for Kurinium RAT detection
- Kurinium is a Rust-based Discord RAT by Mikasuru
- Detection covers: brand strings, source paths, bot commands, C2 infrastructure
- Includes CMSTP UAC bypass, credential stealer, screenshot/webcam detection
- Reference: https://github.com/Mikasuru/Kurinium
- SHA256: e323c24b669727a7c4494d5bc6ab9a6a542453a303677afab3cf4f3ca08b7261

Author: MidasRX
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant

@MidasRX