AtlasCross RAT
AtlasCross RAT is a newly identified remote access trojan used in active campaigns attributed to the China-linked cybercrime group Silver Fox, also tracked as SwimSnake, Valley Thief, UTG-Q-1000, and Void Arachne. Reporting describes it as part of Silver Fox’s evolution from earlier Gh0st RAT-derived tooling such as ValleyRAT/Winos 4.0, Gh0stCringe, and HoldingHands RAT toward more capable malware supporting data theft and financial fraud, and it has also been referenced in broader Silver Fox operations across Asia.
Observed delivery relies on social engineering and fake software distribution. Campaigns targeting Chinese-speaking users used typosquatted domains and bogus websites impersonating trusted brands including Surfshark VPN, Signal, Telegram, Zoom, Microsoft Teams, and others. Victims were lured into downloading ZIP archives containing trojanized installers. In one reported infection chain, the installer dropped a trojanized Autodesk binary alongside a legitimate decoy application; the trojanized binary launched a shellcode loader, decrypted embedded Gh0st RAT configuration data to obtain C2 details, downloaded a second-stage shellcode payload from bifa668[.]com over TCP port 9899, and ultimately executed AtlasCross RAT in memory. Because the final stage runs only in memory, the on-disk artifacts a responder can expect are the ZIP, the trojanized installer and loader, and the decoy application; the network artifact is the outbound connection to bifa668[.]com on TCP 9899. The malware has also been mentioned as one of the tools deployed by Silver Fox after initial phishing access in campaigns using fake tax audit notices and counterfeit software update alerts.
AtlasCross RAT embeds the PowerChell framework, a native C/C++ PowerShell execution engine that hosts the .NET CLR inside the malware process. Reported defense-evasion features include disabling AMSI, ETW, Constrained Language Mode, and ScriptBlock logging before command execution. For defenders this removes the usual PowerShell signals: no powershell.exe or pwsh.exe is spawned, and ScriptBlock and AMSI telemetry are suppressed in the hosting process, so PowerShell activity has to be inferred from the CLR and the System.Management.Automation assembly being loaded into an image that is not a known PowerShell host. Its command-and-control traffic is encrypted with ChaCha20, with one report stating per-packet random keys are generated via hardware RNG. Documented capabilities include file operations, shell operations, persistent scheduled task creation, DLL injection, targeted DLL injection into WeChat, and RDP session hijacking. The malware can also actively terminate TCP connections associated with Chinese security products including 360 Safe, Huorong, Kingsoft, and QQ PC Manager.
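Detection logic for the in-process PowerShell host described above, as an added example that is not part of the cited reporting: it reduces Sysmon Event ID 7 (image load) records to processes that loaded both a CLR image and the PowerShell engine assembly while not being a known PowerShell host. The Sysmon field names (EventID, ProcessId, Image, ImageLoaded) are real; the sample events and the EXPECTED_HOSTS allowlist are constructed assumptions.

```python
"""Find processes that host the PowerShell engine in-process (the footprint of
PowerChell-style CLR hosting) from Sysmon Event ID 7 image-load records.

Added example, not code from the cited reporting. Field names follow Sysmon's
ImageLoad schema; the sample events and the allowlist are constructed.
"""
import json
from collections import defaultdict

# The runtime any PowerShell host must pull in: the CLR (or CoreCLR), its JIT,
# and the PowerShell engine assembly (which may appear as the NGEN'd .ni.dll).
CLR_IMAGES = {"clr.dll", "coreclr.dll", "clrjit.dll", "mscoree.dll", "mscoreei.dll"}
PS_ENGINE_PREFIX = "system.management.automation"

# Images in which hosting the engine is expected. Assumption: tune to your
# estate, since management agents and IDEs legitimately host it as well.
EXPECTED_HOSTS = {"powershell.exe", "pwsh.exe", "powershell_ise.exe",
                  "devenv.exe", "sqlservr.exe", "w3wp.exe"}


def basename(path):
    """Lower-cased file name from a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def is_ps_engine(image_loaded):
    """True for System.Management.Automation.dll or its native image (.ni.dll)."""
    name = basename(image_loaded)
    return name.startswith(PS_ENGINE_PREFIX) and name.endswith(".dll")


def load_events(text):
    """Parse JSON-lines records, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def find_inprocess_powershell(events):
    """Return {(ProcessId, image basename): full image path} for processes that
    loaded both a CLR image and the PowerShell engine but are not expected hosts.
    Non-ImageLoad events are ignored."""
    loads = defaultdict(lambda: {"clr": False, "engine": False, "image": ""})
    for ev in events:
        if ev.get("EventID") != 7:
            continue
        key = (ev["ProcessId"], basename(ev["Image"]))
        loads[key]["image"] = ev["Image"]
        if basename(ev["ImageLoaded"]) in CLR_IMAGES:
            loads[key]["clr"] = True
        elif is_ps_engine(ev["ImageLoaded"]):
            loads[key]["engine"] = True
    return {k: v["image"] for k, v in loads.items()
            if v["clr"] and v["engine"] and k[1] not in EXPECTED_HOSTS}


# Constructed Sysmon-style events as JSON lines (not real telemetry). The raw
# string keeps the JSON "\\" escapes intact for json.loads.
SAMPLE_EVENTS = r"""
{"EventID": 7, "ProcessId": 4412, "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "ImageLoaded": "C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\clr.dll"}
{"EventID": 7, "ProcessId": 4412, "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "ImageLoaded": "C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Manaa57fc8cc#\\System.Management.Automation.ni.dll"}
{"EventID": 7, "ProcessId": 5520, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\setup.exe", "ImageLoaded": "C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\clr.dll"}
{"EventID": 7, "ProcessId": 5520, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\setup.exe", "ImageLoaded": "C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\clrjit.dll"}
{"EventID": 7, "ProcessId": 5520, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\setup.exe", "ImageLoaded": "C:\\Windows\\Microsoft.NET\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll"}
{"EventID": 7, "ProcessId": 6104, "Image": "C:\\Program Files\\Acme\\agent.exe", "ImageLoaded": "C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\clr.dll"}
{"EventID": 1, "ProcessId": 5520, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\setup.exe", "CommandLine": "setup.exe"}
"""

if __name__ == "__main__":
    for (pid, name), image in find_inprocess_powershell(load_events(SAMPLE_EVENTS)).items():
        print(f"pid {pid}: {image} hosts the PowerShell engine outside a known host")
```

An ordinary .NET application (pid 6104 in the sample) loads the CLR but never the PowerShell engine, so it is not flagged; the allowlist is what keeps the rule from firing on legitimate hosts, and it needs baselining before deployment.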
The campaign infrastructure included multiple confirmed delivery domains registered in late 2025, including app-zoom.com, eyy-eyy.com, kefubao-pc.com, quickq-quickq.com, signal-signal.com, telegrtam.com.cn, trezor-trezor.com, ultraviewer-cn.com, wwtalk-app.com, www-surfshark.com, and www-teams.com. Reporting also states that installer packages in the campaign were signed with the same stolen Extended Validation certificate issued to DUC FABULOUS CO., LTD, a Vietnamese entity, and that the reused stolen certificate was intended to make payloads appear legitimate and help bypass security checks. A valid signature from that subject should therefore be treated as an indicator rather than as grounds to trust a binary. Targeting described in the source material includes Chinese-speaking users and, in broader Silver Fox activity, organizations and users across Taiwan, Japan, India, and Southeast Asia, including medical institutions, financial companies, and corporate environments.
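A hunting script for the delivery and C2 indicators in the two paragraphs above, as an added example that is not code from the cited reporting: it walks a constructed DNS/connection log, matches the listed domains and the bifa668[.]com / TCP 9899 pair, and flags lookalike domains built the way the listed ones are (a www- prefix, a doubled brand, a brand glued to a generic word, a one-character typo). The tab-separated log format, the LEGIT allowlist and the eTLD+1 shortcut are assumptions.

```python
"""Hunt for AtlasCross RAT delivery and C2 indicators in DNS/connection telemetry.

Added example, not code from the cited reporting. The tab-separated log format
(ts, src, dst_ip, dst_port, query; '-' when there is no query) is a constructed
stand-in for Zeek/Suricata output; LEGIT and the eTLD+1 shortcut are assumptions.
"""
from dataclasses import dataclass

# Indicators named in the reporting above (refanged for matching).
DELIVERY_DOMAINS = {
    "app-zoom.com", "eyy-eyy.com", "kefubao-pc.com", "quickq-quickq.com",
    "signal-signal.com", "telegrtam.com.cn", "trezor-trezor.com",
    "ultraviewer-cn.com", "wwtalk-app.com", "www-surfshark.com", "www-teams.com",
}
C2_DOMAIN, C2_PORT = "bifa668.com", 9899

# Brands the campaign impersonated; used to catch lookalikes not yet on the IOC list.
BRANDS = ["surfshark", "signal", "telegram", "zoom", "teams", "trezor", "ultraviewer", "quickq"]
# Genuine registrable domains for those brands (assumption; extend for your estate).
LEGIT = {"surfshark.com", "signal.org", "telegram.org", "zoom.us", "trezor.io", "ultraviewer.net"}


def registrable(domain):
    """Crude eTLD+1: the last two labels, or three for suffixes like .com.cn.
    Use a public-suffix library in production."""
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) >= 3 and labels[-2] in {"com", "co", "net", "org"} and len(labels[-1]) == 2:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def within_one_edit(a, b):
    """True if one insert, delete or substitution turns a into b (telegrtam -> telegram)."""
    if abs(len(a) - len(b)) > 1:
        return False
    i = j = 0
    used = False
    while i < len(a) and j < len(b):
        if a[i] == b[j]:
            i, j = i + 1, j + 1
            continue
        if used:
            return False
        used = True
        if len(a) == len(b):
            i, j = i + 1, j + 1
        elif len(a) > len(b):
            i += 1
        else:
            j += 1
    return True  # at most one trailing character remains, which is the single edit


def lookalike_reason(domain):
    """Why a domain resembles the campaign's lures, or None if it does not."""
    base = registrable(domain)
    if base in LEGIT:
        return None
    name = base.split(".")[0]
    for b in BRANDS:
        if name == f"www-{b}":
            return f"www- prefix on brand {b}"
        if name == f"{b}-{b}":
            return f"doubled brand {b}"
        if b in name and name != b:
            return f"brand {b} embedded in {name}"
        if within_one_edit(name, b):
            return f"one edit from brand {b}"
    return None


@dataclass
class Hit:
    ts: str
    src: str
    indicator: str
    reason: str


def hunt(lines):
    """Return one Hit per matched indicator; a record can yield two (domain and port)."""
    hits = []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, dst_ip, dst_port, query = line.rstrip("\n").split("\t")
        base = registrable(query) if query != "-" else None
        if base in DELIVERY_DOMAINS:
            hits.append(Hit(ts, src, base, "known delivery domain"))
        elif base == C2_DOMAIN:
            hits.append(Hit(ts, src, base, "known C2 domain"))
        elif base is not None:
            reason = lookalike_reason(base)
            if reason:
                hits.append(Hit(ts, src, base, reason))
        # The port alone is weak (any service can use 9899); it is reported so a
        # domain hit and a port hit from the same src can be correlated.
        if int(dst_port) == C2_PORT:
            hits.append(Hit(ts, src, f"{dst_ip}:{dst_port}", "outbound to reported C2 port 9899"))
    return hits


# Constructed sample telemetry (not real traffic); the mixed-case teIegram uses a
# capital I for l, which registrable() lower-cases before comparison.
SAMPLE_LOG = """\
# ts\tsrc\tdst_ip\tdst_port\tquery
2025-11-03T09:12:01Z\t10.0.0.15\t203.0.113.10\t443\twww-surfshark.com
2025-11-03T09:12:09Z\t10.0.0.15\t203.0.113.10\t443\tcdn.www-surfshark.com
2025-11-03T09:13:40Z\t10.0.0.15\t203.0.113.22\t9899\tbifa668.com
2025-11-03T09:15:02Z\t10.0.0.20\t198.51.100.5\t443\tzoom.us
2025-11-03T09:16:30Z\t10.0.0.20\t198.51.100.7\t443\tzoom-zoom.net
2025-11-03T09:17:00Z\t10.0.0.31\t198.51.100.9\t443\tteIegram.org
2025-11-03T09:18:00Z\t10.0.0.31\t198.51.100.9\t9899\t-
"""

if __name__ == "__main__":
    for h in hunt(SAMPLE_LOG.splitlines()):
        print(f"{h.ts} {h.src} {h.indicator:24} {h.reason}")
```

The lookalike heuristics are deliberately narrow (short brand names such as "teams" or "zoom" embedded in unrelated registrations will produce noise), so treat their hits as leads to pivot on, and the known-domain and C2 matches as the high-confidence ones.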
Groups observed using it
5 distinct threat actors attributed by public researchers.
After gaining initial entry through phishing, the attackers deploy a range of malware tools including ValleyRAT, AtlasCross RAT, and the Catena loader.
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT.
Techniques & procedures
23 distinct techniques documented for this family, organized by ATT&CK tactic.
Resource Development
1 technique
The campaign is actively targeting Chinese-speaking users by employing typosquatted domains to impersonate trusted software brands.
Initial Access
3 techniques
Silver Fox has launched a new wave of attacks ... using fake tax audit notifications and counterfeit software update alerts to install dangerous malware on victim systems.
If a target opens the email, they may encounter a disguised shortcut file or an Office document with hidden macros, both designed to quietly trigger a malware download without the user realizing it.
The attack chains involve using bogus websites as lures to trick users into downloading ZIP archives containing an installer that drops a trojanized Autodesk binary along with the legitimate decoy application.
Execution
5 techniques
AtlasCross RAT comes with capabilities to facilitate targeted DLL injection into WeChat, RDP session hijacking... file and shell operations, and persistent scheduled task creation.
The RAT embeds the PowerChell framework, a native C/C++ PowerShell execution engine that hosts the .NET CLR directly within the malware process...
If a target opens the email, they may encounter a disguised shortcut file or an Office document with hidden macros, both designed to quietly trigger a malware download without the user realizing it.
Persistence
2 techniques
AtlasCross RAT comes with capabilities to facilitate targeted DLL injection into WeChat, RDP session hijacking... file and shell operations, and persistent scheduled task creation.
Privilege Escalation
5 techniques
AtlasCross RAT comes with capabilities to facilitate targeted DLL injection into WeChat, RDP session hijacking... file and shell operations, and persistent scheduled task creation.
One of the most concerning techniques used by the group is the Bring Your Own Vulnerable Driver (BYOVD) method. Silver Fox loads older, legitimately signed Windows drivers that contain known security flaws, then exploits those flaws to disable antivirus and endpoint detection and response (EDR) tools...
Stealth
5 techniques
Attackers create fake websites mimicking brands like Surfshark VPN, Signal, Telegram, and Zoom, tricking users into downloading ZIP archives.
AtlasCross RAT comes with capabilities to facilitate targeted DLL injection into WeChat...
...downloads a second-stage shellcode payload from "bifa668[.]com" over TCP on port 9899, ultimately leading to the execution of AtlasCross RAT in memory.
Defense Impairment
1 technique
The reuse of a single stolen code-signing certificate across multiple malware campaigns highlights a concerning trend of cybercriminals seeking to legitimize malicious payloads and bypass security checks.
Lateral Movement
1 technique
It also features capabilities for ... RDP session hijacking...
Command and Control
4 techniques
The trojanized AutoDesk installer, in turn, launches a shellcode loader that decrypts an embedded Gh0st RAT configuration to extract the command-and-control (C2) details... C2 traffic is encrypted with ChaCha20 using per-packet random keys generated via hardware RNG.
The campaign has also been observed delivering second-stage payloads from cloud storage infrastructure...
...followed by the installation of a remote management tool signed by a seemingly legitimate company, allowing the attackers to maintain persistent access and pull data from inside the network.
[The RAT] employs ChaCha20 encryption for its command-and-control (C2) traffic.
Other
2 techniques
IOCs tracked for this family
12 indicators attributed across vendor reports, sandbox runs, and researcher write-ups.
IPs, domains, and DNS infrastructure linked to this family.
Recent activity
4 sources tracked across advisories, community write-ups, and news.
A remote access trojan used in Silver Fox intrusion chains to maintain access, communicate with attacker infrastructure, and support lateral movement.
Referenced in cited prior reporting as a RAT associated with Silver Fox activity in Asia.
A newly identified remote access trojan distributed via trojanized installers from typosquatted sites impersonating trusted software brands. It uses the PowerChell framework to disable AMSI and ETW, encrypts C2 traffic with ChaCha20, supports DLL injection and RDP session hijacking, and terminates connections with Chinese security products. It is used for data theft and financial fraud.
A previously undocumented remote access trojan used by Silver Fox that executes in memory and embeds the PowerChell framework to run PowerShell via a native C/C++ engine while disabling AMSI, ETW, Constrained Language Mode, and ScriptBlock logging. It supports targeted DLL injection into WeChat, RDP session hijacking, TCP-level termination of connections from Chinese security products, file and shell operations, and persistent scheduled task creation.