APT / THREAT GROUP

AstarionRAT

3 aliases
Last seen: Mar 17, 2026

Intelligence Profile

According to Huntress, AstarionRAT is a full-featured RAT with 24 commands, including credential theft, SOCKS5 proxy, port scanning, reflective code loading, and shell execution, with RSA-encrypted C2 communication disguised as application telemetry.

Threat Analysis

AstarionRAT is listed as a threat actor of known sophistication and undetermined national origin, engaged in cyber operations; its primary motivation and activity patterns are unknown.

Quick Facts

Type: APT / Threat Group
Aliases: 3

Also Known As

MIMICRAT, AstarionRAT, win.astarion_rat

External Intelligence

Malpedia: win.astarion_rat

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.