STX RAT: A new RAT in 2026 with Infostealer Capabilities
STX RAT is a newly identified remote access trojan, observed in late February 2026, that uses opportunistic initial access (e.g., browser-downloaded VBScript and trojanized FileZilla installers), a custom multi-stage unpacker, in-memory execution, and a mature C2 channel protected by X25519/Ed25519 and ChaCha20-Poly1305. The implant includes extensive defense-evasion techniques (anti-VM, AMSI Ghosting, API hashing, string obfuscation), HVNC hidden remote desktop capabilities, and credential, crypto-wallet, and FTP theft gated by C2 commands. #STXRAT #eSentireTRU
STX RAT surfaced in early 2026, featuring multi-stage unpacking, in-memory execution, and encrypted C2 with X25519/Ed25519. It is capable of credential, crypto-wallet, and FTP theft, plus HVNC remote desktop. #STXRAT #FinancialThreat #DataTheft