
Rat Race: ValleyRAT Malware Targets Organizations with New Delivery Techniques

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY:

ValleyRAT, a sophisticated multi-stage malware attributed to Silver Fox APT, has updated its tactics, techniques, and procedures. The malware targets key roles in finance, accounting, and sales departments using phishing emails, malicious websites, and instant messaging platforms. The infection chain begins with a fake Chrome browser download, followed by the execution of a Setup.exe file that downloads additional components. The malware employs DLL side-loading, process injection, and anti-VM techniques to evade detection. It includes features such as keylogging, screen monitoring, and persistence mechanisms. ValleyRAT communicates with command and control servers and can execute various commands, including dropping and executing files, setting startup configurations, and manipulating processes.

OPENCTI LABELS:

keylogger, phishing, persistence, valleyrat, ghostrat, dll side-loading, c2 communication, anti-vm, silver fox apt

