Tracking an evolving Discord-based RAT family
ID: f5172818-08b8-5d4e-83f1-471b552abe70
STIX ID: report--f5172818-08b8-5d4e-83f1-471b552abe70
Feed Name: ReversingLabs Blog
ReversingLabs identified four closely related Discord-based remote access trojans (UwUdisRAT, STD RAT, Minecraft RAT, and Propionanilide RAT) attributed to the actor calling themselves "STD Group." The report details compilation timestamps; obfuscation techniques (ROT-23 string encoding, stack strings, and decoy code); a custom packer (Proplock/STD Crypter, which uses XZ/LZMA2 compression and XOR encoding); shared mutexes and other TTPs. It also provides extensive IOCs (many file hashes), a Python ROT-23 decryptor, and YARA rules to detect both packed and unpacked payload samples.