Pulse Detail — Threat Intelligence

PULSE NAME

Analysis of VioletRAT malware carried in Italy

WHITE PetrP.73 2026-03-08 Modified: 2026-04-07

IOCs

MEDIUM VOLUME

The analysis of the VioletRAT malware suggests an evolution within its operational infrastructure, particularly in a campaign targeting users in Italy. While earlier assessments left some ambiguity regarding the malware's identity, recent indications point to it being VioletRAT version 4.7. This version appears to operate over a different command-and-control (C2) setup than previously identified, potentially indicating a segmentation of campaigns utilizing similar techniques and resources.

violetrat tra le violet c2 e infrastruttura getpass

MITRE ATT&CK & Malware Families

MALWARE FAMILIES

Violet_rat

Indicators of Compromise (1 / 14 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	0d28eb747209210bcc86be5baf9ae2e0	MD5 of 8b2f8f5ec21f82d5925f77734a6ef8b48156a729ff55e1deb49277985610d34c	2026-03-08

References (2)

↗ https://cert-agid.gov.it/news/analisi-del-malware-violetrat-veicolato-in-italia/ ↗ https://www.sonicwall.com/it-it/blog/inside-a-new-violetrat-campaign-multi-staged-delivery-and-stealthy-payload-execution