Sunday 05 July 2026 00:58:33 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

#in-memory RAT


Inside the Windows Trapdoor: A Shortcut, a Public Folder, and a Memory-Resident RAT

Published: 23 June 2026 16:50Category: Malware & BotnetsAuthor: IRONQUERY

A lure built around a geopolitical theme masked a loader chain that leaned on user execution, writable paths, and trusted Windows components to keep the final payload off disk.

When a Windows Helper Becomes the Hideout

Published: 23 June 2026 14:44Category: Malware & BotnetsGeo: North America / USAAuthor: IRONQUERY

A legitimate Microsoft binary, a sideloaded DLL, and a memory-resident RAT show how attackers can turn normal loader behavior into a stealth delivery path.

Shortcut Trap, Script Chain: The Quiet Route From a Fake Tool Search to an In-Memory RAT

Published: 18 June 2026 16:09Category: Malware & BotnetsGeo: North America / USAAuthor: IRONQUERY

A Windows shortcut, a PowerShell downloader, and a ClickFix-style lure can turn a routine search for AI tools into a stealthy intrusion path.

Dropping Elephant’s Quiet Pivot: A China-Themed Loader, GitLab Pages, and a Memory-Resident RAT

Published: 18 June 2026 15:26Category: Malware & BotnetsGeo: Asia / IndiaAuthor: NEXUSGUARDIAN

A seven-week campaign tied to Dropping Elephant mixed trusted web services with fast-changing infrastructure, showing how attackers can turn ordinary publishing and chat-link features into malware delivery paths.