Trojan.SlayerRAT

Posted: October 18, 2016

Threat Metric

Threat Level: 8/10
Infected PCs: 17
First Seen: October 18, 2016
Last Seen: July 8, 2018
OS(es) Affected: Windows


Trojan.SlayerRAT is a Remote Access Trojan (RAT) that lets threat actors control your PC through a network connection. Since Trojan.SlayerRAT's author is currently marketing it as a service, its infection methods and the consequences of an infection may be inconsistent between attacks. Malware experts classify almost all backdoor-capable Trojans as high-level threats, and removing Trojan.SlayerRAT should only be done with anti-malware tools capable of guaranteeing its complete uninstallation.

The User-Friendly Trojan Slaying Your Security

A successful Trojan campaign requires an efficient interface for its con artist admin just as much as it needs good proliferation exploits and a well-targeted, damaging payload. The 'as a service' model is most often associated with file-encrypting Trojans and ransomware, but backdoor Trojans, rootkits, and RATs are also relevant products for such business strategies. Trojan.SlayerRAT, first promoted in February of 2016, is one case of a Trojan granting con artists nearly complete control over a remote system with as friendly a navigation system as possible.

Trojan.SlayerRAT's users, most likely acquired on a premium rental basis, may build personal servers with this Trojan's built-in client interface, which exposes flexible variables such as the executable file's name, the directory it installs itself into, and whether or not it infects USB devices. The threat actors then distribute the generated EXE through whatever exploits they prefer. Trojan.SlayerRAT notifies the admin of a new infection with the date of its installation and other details, such as the version of the operating system.

Malware experts saw evidence of a small but flexible range of attack possibilities from Trojan.SlayerRAT, although not all of these are verifiable as functioning. Some of the features Trojan.SlayerRAT's author is marketing include:

  • Using your PC's resources to commit DDoS attacks, which simulate heavy network traffic that can crash servers.
  • Launching system commands through a Command Prompt interface.
  • Using a remote desktop feature that grants visual and interface-based access to the PC.
  • Formatting the PC.
  • Leveraging spyware modules.
  • Modifying the system Registry for purposes such as enabling threatening software or disabling security software.

Trojan.SlayerRAT implements all of the above, and more, in a central administrative panel through a combination of check boxes, database entries, and text fields. Other con artists require no coding knowledge or skill to make use of most of its features.

Snipping the Cords Binding Your PC to Trojan.SlayerRAT

While Trojan.SlayerRAT's author shows some signs of basing operations in France, con artists renting Trojan.SlayerRAT clients are unlikely to limit their campaigns to that country. RAT campaigns can load their Trojans in illegal downloads or fake software patches, install them manually via brute-force attacks, or use spam messages for disguising the installers. Trojan.SlayerRAT presents heavily customizable components, and victims aren't likely to be able to detect Trojan.SlayerRAT from specific files, processes or folders being on their systems.

If Trojan.SlayerRAT's threat actor doesn't disable your security software, it may block Trojan.SlayerRAT or be capable of removing it during system scans. Post-disinfection, you should assume that all data on the PC is potentially in con artists' possession, making changing passwords and re-securing accounts especially urgent.

A Trojan's payload rarely corresponds to the visibility of its symptoms. Assuming that an older, 'invisible' threat like Trojan.SlayerRAT isn't a threat to your computer is an assumption more likely than not to backfire in expensive ways.