Security Articles

Unmasked: Salat Stealer – A Deep Dive into Its Advanced Persistence Mechanisms and C2 Infrastructure

Released on 2025-09-10 @ 07:54:08 AM

Salat Stealer, also known as WEB_RAT, is a sophisticated Go-based infostealer targeting Windows systems. It exfiltrates browser credentials, cryptocurrency wallet data, and session information while employing advanced evasion techniques. The malware uses UPX packing, process masquerading, registry run keys, and scheduled tasks for persistence and evasion. Operated under a Malware-as-a-Service model by Russian-speaking actors, it leverages resilient C2 infrastructure. The stealer targets multiple browsers, cryptocurrency wallets, and Telegram sessions. It communicates with its C2 server using UDP and HTTPS, employing domain failover mechanisms for resilience. The control panel offers remote command execution and built-in script modules for further system compromise.