ResolverRAT

ResolverRAT is a .NET-based RAT family targeting the healthcare and pharmacy industry in 2021. It uses DLL side-loading, HTTPS C2, fileless execution, and distribution with Donut shellcode.

Threat Profile
Type RAT
Programming Language.NET/C#
C2 ProtocolHTTPS
First Seen2021
Targets Saglik/Eczacilik Sektoru
Purpose / Capabilities
  • Remote Access/Data Exfil
No C2 servers have been identified for this family yet.

Research Reports (1)

High

ResolverRAT — Donut Shellcode Cozumlenmis .NET Payload, RC4 Benzeri Obfuske Anahtarlar | Yuksek

ResolverRAT donut_decrypted_netexe.bin. Donut shellcode ile sarmalanmis .NET payload, RC4 benzeri obfuske string anahtarlar.

Read Report →