SYMBOLCOMMON_NAMEaka. SYNONYMS
win.resolver_rat (Back to overview)

ResolverRAT

According to Morphisec, this RAT combines advanced in-memory execution, API and resource resolution at runtime, and layered evasion techniques. They have named it ‘Resolver’ due to its heavy reliance on runtime resolution mechanisms and dynamic resource handling, which make static and behavioral analysis significantly more difficult.

References
2025-04-14MorphisecNadav Lorber
New Malware Variant Identified: ResolverRAT Enters the Maze
ResolverRAT

There is no Yara-Signature yet.