Winsage
July 2, 2024
CSHARP-STREAMER is a Remote Access Trojan (RAT) that has been involved in multiple attacks, including ransomware deployment and campaigns linked to other threat actors. The malware has evolved over time, with newer variants lacking certain features found in older samples. CSHARP-STREAMER is modular in nature, suggesting it may be used in a malware-as-a-service model or to evade detection. Detection mechanisms for this RAT include monitoring PowerShell script blocks, analyzing specific web request headers, and identifying unique user agents.