Stealthy SeroXen RAT malware increasingly used to target gamers

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
A stealthy remote access trojan (RAT) named 'SeroXen' has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities.

AT&T reports that the malware is sold under the guise of a legitimate remote access tool for Windows 11 and 10 for $15/month or a single "lifetime" license payment of $60
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040

The Bleepingcomputer article uses the term "batch file" (embedded in ZIP archive) as an initial attack vector. For example:

The batch file extracts two binaries from base64 encoded text and loads them into memory using .NET reflection.

More precisely, the batch file runs PowerShell, which can encode and load the malware into memory (using .NET reflection). The role of PowerShell is most important in the infection chain.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top