Meet Trochilus - Dangerous RAT (not the rodent) that runs only in Memory

New Remote Access Trojan with a twist


From the article:
Named Trochilus, the malware is part of a multi-pronged malware operation that researchers at Arbor Networks are calling the Seven Pointed Dagger (.PDF).

The malware doesn’t leave much of a trace, and is skilled at evading detection, according to a report on the operation published Monday.

“This malware … appears to run only in memory and does not leave a footprint on the disk, except in the form of encoded files that do not execute by themselves and are resistant to static file malware detection processes and static analysis,” the report reads.


For More details
https://threatpost.com/new-rat-trochilus-skilled-at-espionage-evading-detection/115857/