ResolverRAT
ResolverRAT is a .NET-based RAT family targeting the healthcare and pharmacy industry in 2021. It uses DLL side-loading, HTTPS C2, and fileless execution, and is distributed with Donut shellcode.
Threat Profile
Type: RAT
Programming Language: .NET/C#
C2 Protocol: HTTPS
First Seen: 2021
Targets
Healthcare/Pharmacy Sector
Purpose / Capabilities
- Remote Access/Data Exfil
No C2 servers have been identified for this family yet.
Research Reports (1)
ResolverRAT — Donut Shellcode Decoded .NET Payload, RC4-like Obfuscated Keys | High
ResolverRAT donut_decrypted_netexe.bin. .NET payload wrapped in Donut shellcode, RC4-like obfuscated string keys.