A multi-stage PureRAT campaign that hides portable executable (PE) payloads inside PNG images and executes them almost entirely in memory, making detection and forensics significantly harder for defenders. The campaign combines steganography, PowerShell-based loaders, UAC bypass, process hollowing, and anti-virtualization checks to remain stealthy on compromised systems. The attack begins with a weaponized .LNK file […]

The post PureRAT Hides PE Payloads in PNGs for Fileless Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/purerat-hides-pe-payloads/