"Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar"
Quasar RAT, also known as CinaRAT or Yggdrasil, is an open-source Remote Access Trojan (RAT) that has been using DLL side-loading to avoid detection and stealthily steal data from compromised Windows hosts. According to researchers at Uptycs, this technique exploits the inherent trust that these files command within the Windows environment. They detailed the malware's reliance on ctfmon.exe and calc.exe in the attack chain. Quasar RAT is a C#-based remote administration tool. It can gather system information, a list of active applications, files, keystrokes, and screenshots, as well as execute arbitrary shell commands. This article continues to discuss the use of DLL side-loading by the Quasar RAT.
THN reports "Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar"
Submitted by grigby1