PureRAT (Malware Family)

PureRAT

aka: PureHVNC, ResolverRAT

According to Morphisec, this RAT combines advanced in-memory execution, API and resource resolution at runtime, and layered evasion techniques. They have named it ‘Resolver’ due to its heavy reliance on runtime resolution mechanisms and dynamic resource handling, which make static and behavioral analysis significantly more difficult.

References

2025-09-03 ⋅ Darkrym ⋅ Darkrym
PXA Stealers Evolution to PureRAT: Part 6 - Finally, the Final Stage PureRAT (Stage 9)
PureRAT

2025-08-27 ⋅ ⋅ PlainBit ⋅ Heejae Hwang
PureHVNC malware disguised as a copyright infringement notice email
ClipBanker PureRAT

2025-08-12 ⋅ Netresec ⋅ Erik Hjelmvik
PureRAT = ResolverRAT = PureHVNC
PureRAT

2025-05-20 ⋅ ⋅ Kaspersky ⋅ AMR
https://securelist.ru/purerat-attacks-russian-organizations/112619/
PureRAT

2025-04-14 ⋅ Morphisec ⋅ Nadav Lorber
New Malware Variant Identified: ResolverRAT Enters the Maze
PureRAT

There is no Yara-Signature yet.

PureRAT Propose Change

References

PureRAT