Malware Analysis | Rapid7 Cybersecurity Blog | Content type: Blog

Malware à la Mode: Tracking Dropping Elephant Tradecraft Through a China-Themed Loader Chain

Executive summary

Rapid7 researchers have identified a sophisticated malware campaign attributed to the threat actor "Dropping Elephant," characterized by the use of a China-themed decoy document to deliver a heavily reworked, in-memory remote access trojan (RAT). This campaign demonstrates advanced evasion techniques, including DLL side-loading with a legitimate Microsoft binary (Fondue.exe) and the use of "Donut" shellcode to map the RAT directly into memory, effectively bypassing traditiona...


Covered in 3 articles: tldr.tech (Feeds), BadCyber (Feeds), news.risky.biz (Feeds)
