Malware
TYPEFRAME
TYPEFRAME is a RAT. It supports ~25 commands that include operations on the victim’s filesystem, manipulation with its configuration, modification of the system's firewall, the download and execution
TYPEFRAME is a RAT.
It supports ~25 commands that include operations on the victim’s filesystem, manipulation with its configuration, modification of the system's firewall, the download and execution of additional tools from the attacker’s C&C and the uninstall via a self-delete batch. The commands are indexed by 16-bit integers, starting with the value 0x8000.
The RAT uses RC4 for decryption of its binary configuration. It has a statically linked OpenSSL 0.9.8k library used for SSL communication.
Family metadata imported from Malpedia (Fraunhofer FKIE).