#ResolverRAT

𝙽𝙴𝚃𝚁𝙴𝚂𝙴𝙲

@netresec.com

7 months ago

PureRAT = ResolverRAT = PureHVNC PureRAT is a Remote Access Trojan, which can be used by an attacker to remotely control someone else's PC. PureRAT provides the following features to an attacker: See the victims user interfaceInt...

How to identify #PureRAT (aka #ResolverRAT):
⛳️ C2 port is often 56001, 56002 or 56003
🔢 Bot sends 04 00 00 00, then TLS handshake
🔑 Client and server run TLS 1.0
🖊️ X.509 cert is self signed
📅 X.509 cert expires 9999-12-31
netresec.com?b=2589522

𝙽𝙴𝚃𝚁𝙴𝚂𝙴𝙲

@netresec.infosec.exchange.ap.brid.gy

7 months ago

@netresec

>PureRAT is the exact same malware as what Morphisec and others call ResolverRAT. PureHVNC, on the other hand, is the predecessor to PureRAT.
IOCs:
👾 193.26.115.125:8883
👾 purebase.ddns[.]net:8883
👾 45.74.10.38:56001
👾 139.99.83.25:56001
https://netresec.com/?b=2589522

ReversingLabs

@reversinglabs.com

8 months ago

GitHub - reversinglabs/reversinglabs-yara-rules: ReversingLabs YARA Rules ReversingLabs YARA Rules. Contribute to reversinglabs/reversinglabs-yara-rules development by creating an account on GitHub.

#ResolverRAT is a new #backdoor that uses advanced persistence mechanism, certificate validation, obfuscation, & C2 architecture to stay undetected. Protect yourself by deploying our public #YARArules.👇 github.com/reversinglab...

Technijian

@technijian.bsky.social

10 months ago

ResolverRAT Targets Healthcare and Pharma via Phishing Attacks ResolverRAT Attacking Healthcare and Pharmaceutical Via Sophisticated Phishing Attacks is the latest cyber threat using memory-only execution

🚨 ResolverRAT Targets Healthcare and Pharma! 🚨

🔎 Read More: technijian.com/cyber-securi...

#CyberSecurity #ResolverRAT #HealthcareCybersecurity #PharmaSecurity #MalwareAlert #PhishingAwareness #EndpointSecurity #SOCMonitoring #IncidentResponse #Technijian #DataProtection

Pablo Álvarez Corredera

@cibered.com

10 months ago

Nuevo Malware ResolverRAT apunta al Sector Salud y Farmacéutico a Nivel Global - CIBERNINJAS Un nuevo troyano de acceso remoto (RAT) llamado ResolverRAT está siendo utilizado para atacar a organizaciones del sector farmacéutico y sanitario en todo el

🦠 Nuevo Malware ResolverRAT apunta al Sector Salud y Farmacéutico a Nivel Global ciberninjas.com/nuevo-malwar...

#Malware #ResolverRAT #Ciberamenazas #Ciberseguridad #RAT #SaludDigital #Farmacéutica #AmenazasGlobales #AtaquesDirigidos

Hackread.com

@hackread.bsky.social

10 months ago

Native Language Phishing Spreads ResolverRAT to Healthcare Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

🚨🪝 Scammers are targeting healthcare and pharma firms with phishing emails in their native languages, leading to infections by a new, evasive malware called #ResolverRAT.

Read: hackread.com/native-langu...

#CyberSecurity #Malware #Phishing #Healthcare

Rod2ik 🇪🇺 🇨🇵 🇪🇸 🇺🇦 🇨🇦 🇩🇰 🇬🇱 ☮🕊️

@rod2ik.bsky.social

10 months ago

Cyberattaque mondiale : le virus ResolverRAT prend d'assaut le secteur de la santé et de la pharmacie Un nouveau virus du nom de ResolverRAT se propage dans le monde entier. Le malware piège les entreprises du secteur de la santé et de la pharmacie avec des mails de phishing calibrés. Au terme de l'at...

#Cyberattaque #mondiale : le #virus #ResolverRAT prend d’assaut le secteur de la #santé et de la #pharmacie

www.01net.com/actualites/c...

Association SOSOrdi.net

@sosordinet.bsky.social

10 months ago

“Dans les secteurs de la santé et de l'industrie pharmaceutique” : mise en lumière de #ResolverRAT, un Cheval de Troie multi-fonctions redoutable !

blog.sosordi.net/2025/04/dans...

#securite #data #trojan #Internet

Insights Into Things Podcasts

@insightsintothings.com

11 months ago

A new malware campaign using ResolverRAT is targeting healthcare and pharma sectors with phishing emails and DLL side-loading.
#Cybersecurity #ResolverRAT #Phishing #Malware #Infosec #ThreatIntel

Adrian Anglin

@andranglin.bsky.social

11 months ago

ResolverRAT: New RAT Employs Advanced Evasion Techniques Learn about ResolverRAT, a new remote access trojan using advanced evasion to avoid detection. This malware employs sophisticated techniques.

#ResolverRAT evolves—now uses API unhooking, indirect syscalls, and heap encryption to evade EDR.

Active in healthcare attacks: securityonline.info/resolverrat-... #CyberSecurity #Malware

Adrian Anglin

@andranglin.bsky.social

11 months ago

New Malware Variant Identified: ResolverRAT Enters the Maze Morphisec identifies ResolverRAT, a remote access trojan with advanced capabilities and layered evasion techniques. Read on for a full threat analysis.

New #ResolverRAT variant emerges—evades detection with maze-like code obfuscation, targets healthcare data.

Technical analysis: www.morphisec.com/blog/new-mal... #CyberSecurity #Malware

Adrian Anglin

@andranglin.bsky.social

11 months ago

ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading ResolverRAT targets healthcare and pharma via localized phishing; uses advanced stealth tactics to ensure persistence and evade detection.

#ResolverRAT targets healthcare/pharma via phishing & DLL sideloading—steals research data and patient records.

Active campaign: thehackernews.com/2025/04/reso... #CyberSecurity #HealthIT

@matricedigitale.bsky.social

11 months ago

Resolverrat colpisce sanità e farmaceutica con phishing localizzati e caricamento in memoria tramite dll e framework .net

#accessoremoto #DLLsideloading #evasione #malware #PHISHING #resolverrat #sanità #sideloading
www.matricedigitale.it/sicurezza-in...

キタきつね

@kitafox.bsky.social

11 months ago

New ResolverRAT malware targets pharma and healthcare orgs worldwide A new remote access trojan (RAT) called 'ResolverRAT' is being used against organizations globally, with the malware used in recent attacks targeting the healthcare and pharmaceutical sectors.

新たなResolverRATマルウェアが世界中の製薬会社や医療機関を標的に

New ResolverRAT malware targets pharma and healthcare orgs worldwide #BleepingComputer (Apr 14)

#ResolverRAT #医療セキュリティ #フィッシング攻撃 #メモリ内マルウェア #RAT