Xeno RAT Abuses Windows DLL Search To Avoid Detection
released on 2024-02-27 @ 02:49:24 PM
A new, sophisticated malware named Xeno RAT uses process injection, obfuscation, anti-debugging, and other techniques to evade detection. It is delivered via a shortcut file and a multi-stage payload downloader. Xeno RAT abuses the Windows DLL search order to load a malicious DLL into legitimate processes. Its capabilities include monitoring, hidden VNC, a SOCKS5 proxy, process injection, and C2 communication. Xeno RAT also takes steps to avoid analysis and to hide its network traffic.
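One way to hunt for the DLL search-order abuse described above, as an added example that is not part of the original report: flag image-load events where a DLL carrying a system DLL's name is loaded from outside the Windows system directories. The event fields are modeled on Sysmon Event ID 7 (`Image`, `ImageLoaded`, `Signed`); the paths, process names and baseline list are constructed for illustration and are not Xeno RAT indicators.

```python
import ntpath

# Directories from which Windows system DLLs are expected to load.
TRUSTED_DIRS = tuple(ntpath.normcase(d) for d in (
    r"C:\Windows\System32", r"C:\Windows\SysWOW64", r"C:\Windows\WinSxS"))

def in_trusted_dir(path):
    """True if the file sits in (or below) a trusted system directory."""
    d = ntpath.normcase(ntpath.dirname(path))
    return any(d == t or d.startswith(t + "\\") for t in TRUSTED_DIRS)

def find_search_order_hijacks(events, system_dll_names):
    """Return findings for system-named DLLs loaded from non-system paths."""
    baseline = {n.lower() for n in system_dll_names}
    findings = []
    for ev in events:
        loaded = ev["ImageLoaded"]
        name = ntpath.basename(loaded).lower()
        if name not in baseline or in_trusted_dir(loaded):
            continue
        # The application's own directory is searched first, so a planted
        # DLL usually sits next to the executable that loads it.
        same_dir = (ntpath.normcase(ntpath.dirname(loaded)) ==
                    ntpath.normcase(ntpath.dirname(ev["Image"])))
        findings.append({
            "process": ev["Image"],
            "dll": loaded,
            "app_dir_load": same_dir,
            "unsigned": ev.get("Signed", "false").lower() != "true",
        })
    return findings

# Constructed sample events (not taken from the report).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\notepad.exe",
     "ImageLoaded": r"C:\Windows\System32\version.dll", "Signed": "true"},
    {"Image": r"C:\Users\Public\Tools\viewer.exe",
     "ImageLoaded": r"C:\Users\Public\Tools\version.dll", "Signed": "false"},
    {"Image": r"C:\Users\Public\Tools\viewer.exe",
     "ImageLoaded": r"C:\Users\Public\Tools\viewerui.dll", "Signed": "true"},
    {"Image": r"C:\Program Files\App\app.exe",
     "ImageLoaded": r"C:\WINDOWS\system32\dbghelp.dll", "Signed": "true"},
]
BASELINE = ["version.dll", "dbghelp.dll"]  # constructed baseline of system DLL names

if __name__ == "__main__":
    for f in find_search_order_hijacks(SAMPLE_EVENTS, BASELINE):
        print(f)
```

In practice the baseline would be built from the DLL names present in a clean host's system directories, and findings with both `app_dir_load` and `unsigned` set deserve the first look.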