SYMBOLCOMMON_NAMEaka. SYNONYMS
win.pure_rat (Back to overview)

PureRAT

aka: PureHVNC, ResolverRAT

According to Morphisec, this RAT combines advanced in-memory execution, API and resource resolution at runtime, and layered evasion techniques. They have named it ‘Resolver’ due to its heavy reliance on runtime resolution mechanisms and dynamic resource handling, which make static and behavioral analysis significantly more difficult.

References
2025-09-03DarkrymDarkrym
PXA Stealers Evolution to PureRAT: Part 6 - Finally, the Final Stage PureRAT (Stage 9)
PureRAT
2025-08-27PlainBitHeejae Hwang
PureHVNC malware disguised as a copyright infringement notice email
ClipBanker PureRAT
2025-08-12NetresecErik Hjelmvik
PureRAT = ResolverRAT = PureHVNC
PureRAT
2025-05-20KasperskyAMR
https://securelist.ru/purerat-attacks-russian-organizations/112619/
PureRAT
2025-04-14MorphisecNadav Lorber
New Malware Variant Identified: ResolverRAT Enters the Maze
PureRAT

There is no Yara-Signature yet.