From infostealer to full RAT: dissecting the PureRAT attack chain
Essential information
- Published: 10/10/2025 20:35
- Modified: 10/10/2025 21:09
- Tags: 2025-10-10 cryptoloader infostealer lonenone netloader purecrypter purelogs purerat pxa stealer python pythonloader service telegram winrar zip archive
- Related entities: 7 observables, 20 techniques (mitre), 2 malware
Description
An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a full-featured, commercially available remote access trojan (RAT) known as PureRAT.