GravityRAT is an Advance Persistence Threat (APT) that allegedly targets India, United States and United Kingdom. GravityRAT uses Microsoft Word as a medium to proliferate. Once the user open the document it insisted to enable macros upon which is executes the zipped payload.
NanoCore RAT first appeared in 2013 with its latest version released in 2015. It was freely available to purchase for between $25 to $50. In July, 2017 its creator found guilty.
RokRAT exploits CVE-2018-4878, a Adobe Falsh 0-day vulnerability. Its is believed to be the work of supposedly North Korean Group 123 or APT37. RokRAT is disseminated via a excel file which has an ActiveX Object, that object is an embedded SWF file.