DUBAI, DUBAI, UNITED ARAB EMIRATES, February 24, 2026 /EINPresswire.com/ -- ANY.RUN researchers have identified Moonrise, a newly discovered Go-based remote access trojan that maintained active command-and-control communication without early static detection. At the time of analysis, the sample had no vendor signatures and was not flagged by reputation-based tools.

The finding highlights a growing security challenge: modern remote access threats can establish control and operate silently while traditional static defenses remain inactive.

𝐌𝐨𝐨𝐧𝐫𝐢𝐬𝐞 𝐑𝐀𝐓 𝐎𝐯𝐞𝐫𝐯𝐢𝐞𝐰

Moonrise is a designed to provide operators with full interactive control over compromised systems. Behavioral analysis revealed outbound C2 communication, remote command execution, credential harvesting capabilities, file upload and execution functions, persistence mechanisms, and user monitoring features including screen capture and clipboard tracking.

Moonrise’s capabilities create immediate and measurable business risk:

· Credential theft that exposes passwords, session tokens, and access to critical systems

· Remote command execution that allows attackers to manipulate internal applications and interfere with operations

· Payload delivery enabling the deployment of additional malware, including stealers or ransomware

· Persistence mechanisms that extend attacker dwell time and delay containment

· Higher probability of operational disruption, data loss, regulatory exposure, and reputational damage

𝐀𝐛𝐨𝐮𝐭 𝐀𝐍𝐘.𝐑𝐔𝐍

ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, helps organizations detect active threats earlier and reduce operational risk. It enables teams to execute suspicious files and URLs safely, confirm real behavior in minutes, and enrich indicators with immediate context. More than 600,000 security professionals across 15,000+ organizations rely on ANY.RUN to speed up triage, reduce unnecessary escalations, and strengthen detection coverage.

