The threat actor behind the CastleLoader malware-as-a-service framework has created a remote access trojan named CastleRAT, which is available in Python and C variants. CastleRAT’s primary capabilities include collecting system information, downloading and executing additional payloads, and executing commands through CMD and PowerShell, according to Recorded Future Insikt Group.
Want More Context? 🔎
Loading PerspectiveSplit analysis...






