Pupy RAT Description and Removal

There is a new RAT (Remote Access Tool/Trojan) that goes by the name of Pupy. It is open-source, so anyone has full access to its capabilities. It can be used by administrators, penetration testers and engineers, but unfortunately also by black hats. Pupy is multi-platform and has an embedded Python interpreter, which makes the thought of cybercriminals using this tool terrifying.


Name: Pupy RAT
Type: RAT, Trojan
Short Description: The tool is basically a trojan if it’s used by black hat hackers.
Symptoms: The RAT can download and upload files and information, migrate to other processes, execute commands and also has a keylogger.
Distribution Method: Exploit Kits, Targeted Attacks

Pupy Trojan – Distribution

There are many possibilities for distributing Pupy, since it has a free license and everybody can access it and modify it as they see fit. Exploit kits can be a very effective way of getting it onto your system, as they are commonly used for similar tools. We believe that targeted attacks and spam emails can be just as effective as distribution methods. It is very probable that we will see this in the near future.

Pupy Trojan – Technical Details

Pupy is classified as a RAT, which stands for Remote Access Trojan. It could easily be set up to stay hidden on a system and steal sensitive information as an APT (Advanced Persistent Threat). It has the potential to infect you with more malware, and as it is now quite popular, you can easily get ransomware like TeslaCrypt and CryptoWall 4.0.

Pupy has the Python language embedded and can inject .dll files on Windows systems. It is reported to work effectively under Linux, Mac OS X and Windows. The whole Python interpreter is loaded entirely from memory, so there may be little to no trace on the computer's disk.
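A defender-side check for the in-memory loading described above, as an added example that is not part of the original article or of the Pupy project: it parses Linux `/proc/<pid>/maps` text and flags executable mappings that have no normal on-disk file behind them. It assumes a Linux host, the sample maps text is constructed, and the heuristic is generic rather than a Pupy signature (JIT runtimes such as browsers and the JVM also create anonymous executable mappings, so findings need triage).

```python
import re

# One line of /proc/<pid>/maps: range, perms, offset, dev, inode, optional path.
MAPS_RE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+[0-9a-f]+\s+\S+\s+(\d+)\s*(.*)$"
)
# Executable regions the kernel itself maps into every process.
KERNEL_REGIONS = {"[vdso]", "[vsyscall]", "[vectors]", "[uprobes]"}

# Constructed sample of a process's maps file (not taken from a real infection).
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a2c000 r-xp 00000000 08:01 131090 /usr/bin/python3.8
7f2a4c000000-7f2a4c021000 rw-p 00000000 00:00 0
7f2a4e100000-7f2a4e300000 r-xp 00000000 00:00 0
7f2a4e400000-7f2a4e600000 r-xp 00000000 00:05 48213 /memfd:x (deleted)
7f2a4f000000-7f2a4f1c0000 r-xp 00000000 08:01 262200 /tmp/.cache/lib.so (deleted)
7ffd1b5e0000-7ffd1b601000 rw-p 00000000 00:00 0 [stack]
7ffd1b7f2000-7ffd1b7f4000 r-xp 00000000 00:00 0 [vdso]
"""

def classify(line):
    """Return a reason if the mapping is executable but not file-backed, else None."""
    m = MAPS_RE.match(line.strip())
    if not m:
        return None
    _start, _end, perms, inode, path = m.groups()
    if "x" not in perms or path in KERNEL_REGIONS:
        return None
    if path.startswith("/memfd:"):        # memfd_create(): code that never touched disk
        return "memfd-backed executable mapping"
    if path.endswith(" (deleted)"):       # file unlinked after it was mapped
        return "executable mapping of a deleted file"
    if path == "" and inode == "0":       # mmap/VirtualAlloc-style region marked executable
        return "anonymous executable mapping"
    return None

def suspicious_mappings(maps_text):
    """Return a list of (size_in_bytes, reason, line) for each flagged mapping."""
    findings = []
    for line in maps_text.splitlines():
        reason = classify(line)
        if reason:
            start, end = line.split()[0].split("-")
            findings.append((int(end, 16) - int(start, 16), reason, line.strip()))
    return findings

if __name__ == "__main__":
    for size, reason, line in suspicious_mappings(SAMPLE_MAPS):
        print(f"{reason} ({size} bytes): {line}")
```

On a live host, pass the contents of `/proc/<pid>/maps` (read as root) to `suspicious_mappings` for each process of interest.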

The following features are already implemented and working:

  • migrate
  • inter-process architecture injection also works (x86->x64 and x64->x86)
  • command execution
  • interactive shell (cmd.exe, /bin/sh, /bin/bash, …)
  • tty allocation is well supported on targets running a Unix system (looks like an SSH shell)
  • interactive python shell
  • download
  • upload
  • persistence
  • screenshot
  • webcam snapshot
  • in-memory execution of PE exe, both x86 and x64
  • socks5 proxy
  • local port forwarding
  • shellcode execution
  • keylogger (monitors keys, the titles of the windows the text is typed in, and the clipboard)
  • mouselogger (takes small screenshots around the mouse at each click and sends them back to the server)

As it can maintain a constant connection to remote locations, the hackers behind the Trojan may also steal sensitive data and files, upload malware, spy on you and do countless other things.

Pupy Trojan Removal

This Trojan can spy on you, access personal information on your PC and eventually may infect you with different malware types. It may track your personal information and send all data to cybercriminals, from which they can profit. To completely get rid of the Pupy Trojan horse from your PC, carefully follow the step-by-step removal instructions provided below.

1. Boot Your PC In Safe Mode to isolate and remove Pupy RAT
2. Remove Pupy RAT with SpyHunter Anti-Malware Tool
3. Remove Pupy RAT with Malwarebytes Anti-Malware
4. Remove Pupy RAT with STOPZilla AntiMalware
5. Back up your data to secure it against infections by Pupy RAT in the future

NOTE! Important notice about the Pupy RAT threat: Manual removal of Pupy RAT requires interfering with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself in just 5 minutes, using a malware removal tool.

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming of a more secure cyber space.
