ValleyRAT Malware and the Evolving Landscape of Ransomware Threats
ID: cdf56363-870f-5139-ba3d-55fb421158c7
STIX ID: report--cdf56363-870f-5139-ba3d-55fb421158c7
Feed Name: Morphisec Blog
Morphisec researchers describe ValleyRAT, a sophisticated, memory-resident Remote Access Trojan attributed to the China-linked Silver Fox APT that targets high-value sectors. The report details multi-stage in-memory execution using DLL side-loading, process injection, and LOLBINs (e.g., nslookup.exe), notes expanded capabilities such as keylogging and registry persistence, provides IOCs (domains, filenames, hashes), and recommends preemptive defenses like Automated Moving Target Defense to mitigate detection-evasive attacks.
