As artificial intelligence dominates tech headlines, cybercriminals are riding the wave. FortiGuard Labs has detailed a fresh campaign built around AsyncRAT AI lures — booby-trapped archives dressed up as AI learning resources that quietly deliver a stealthy .NET remote access trojan. The decoys carry titles such as “AI-Ready PostgreSQL 18” and a developer’s guide to agentic coding, tuned to catch professionals racing to upskill on AI. As the researchers put it, “threat actors have wasted no time exploiting the trend.”
The intrusion starts with a 7z archive that looks harmless. Its only visible item is a single shortcut file, but two PDFs sit beside it with a hidden attribute. Opening the shortcut fires an obfuscated command stitched together from native Windows tools — cmd.exe, more, type, and findstr. Crucially, the shortcut treats one of the hidden PDFs not as a document, but as a multi-zone data container. Each stage knows only how to pull the next slice of code from a specific offset, peeling open nested layers of PowerShell, Base64 data, and AES-encrypted blocks. The PowerShell stages run with a hidden window, -NoProfile, and -ExecutionPolicy Bypass to stay quiet and unrestricted.
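The launch pattern described above, a cmd.exe chain of native tools reading code out of a document and a PowerShell child started with a hidden window, -NoProfile and -ExecutionPolicy Bypass, is visible in ordinary process-creation telemetry. The following Python is an added triage example, not code from FortiGuard Labs or from the report; the four sample events, the scoring weights and the threshold are constructed for illustration, and any real deployment would read the same three fields (parent image, child image, command line) from Sysmon Event 1 or Windows Security 4688 instead.

```python
import re
from dataclasses import dataclass, field
from typing import List, Tuple

# Constructed sample process-creation events (parent image, child image, command
# line). They are illustrative only and are not taken from the FortiGuard report.
SAMPLE_EVENTS: List[Tuple[str, str, str]] = [
    (r"C:\Windows\explorer.exe", r"C:\Windows\System32\cmd.exe",
     r'cmd.exe /c type "AI-Ready PostgreSQL 18.pdf" | findstr /b "#stage" | more'),
    (r"C:\Windows\System32\cmd.exe",
     r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "powershell.exe -WindowStyle Hidden -NoProfile -ExecutionPolicy Bypass "
     "-enc QQBCAEMARABFAEYARwBIAEkA"),
    (r"C:\Windows\explorer.exe",
     r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1"),
    (r"C:\Windows\System32\cmd.exe", r"C:\Windows\System32\findstr.exe",
     r'findstr /i "error" C:\logs\app.log'),
]

# PowerShell switches the article calls out, including their short forms.
PS_FLAGS = {
    "hidden_window": re.compile(r"-w(?:indowstyle)?\s+hidden", re.I),
    "no_profile": re.compile(r"-nop(?:rofile)?\b", re.I),
    "bypass_policy": re.compile(r"-(?:e(?:xecution)?p(?:olicy)?|exec)\s+bypass", re.I),
    "encoded_command": re.compile(r"-e(?:nc(?:odedcommand)?)?\s+[A-Za-z0-9+/=]{20,}", re.I),
}
# Native tools the shortcut stitches together, and the document types it reads from.
LOLBIN = re.compile(r"\b(type|findstr|more)\b", re.I)
DOC_REF = re.compile(r"\.(?:pdf|txt|docx?)\b", re.I)


@dataclass
class Finding:
    index: int
    score: int
    reasons: List[str] = field(default_factory=list)


def basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def score_event(index: int, parent: str, image: str, cmdline: str) -> Finding:
    """Score one event; weights are a constructed heuristic, not a vendor rule."""
    f = Finding(index=index, score=0)
    child = basename(image)
    if child == "powershell.exe":
        for name, rx in PS_FLAGS.items():
            if rx.search(cmdline):
                f.score += 1
                f.reasons.append(name)
    if child == "cmd.exe":
        tools = {m.group(1).lower() for m in LOLBIN.finditer(cmdline)}
        # Two or more text tools reading a document is the "PDF as code container" shape.
        if len(tools) >= 2 and DOC_REF.search(cmdline):
            f.score += 2
            f.reasons.append("document_as_code_container:" + ",".join(sorted(tools)))
        # A shortcut opened from Explorer shows up as explorer.exe spawning cmd.exe.
        if basename(parent) == "explorer.exe" and tools:
            f.score += 1
            f.reasons.append("explorer_spawned_cmd_chain")
    return f


def triage(events: List[Tuple[str, str, str]], threshold: int = 2) -> List[Finding]:
    findings = [score_event(i, *e) for i, e in enumerate(events)]
    return [f for f in findings if f.score >= threshold]


if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"event {f.index}: score {f.score}, reasons {f.reasons}")
```

The third sample (a scheduled backup run with -NoProfile alone) scores 1 and is not flagged, which is the point of scoring rather than matching any single switch: -NoProfile is common in legitimate automation, while the combination of a hidden window, a bypassed execution policy and an encoded command is not.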

From there, a decrypted PowerShell script carves several more regions out of the same PDF. It builds a working folder under a path crafted to mimic a Windows audio diagnostics component, then extracts and decodes embedded blocks into files named to look like Realtek tooling. A scheduled task posing as a Realtek audio service guarantees the loader runs shortly after infection and at every logon, while a clean decoy PDF opens on screen to keep the victim distracted.
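A PDF that serves as a multi-zone container for later stages has to carry those zones somewhere the viewer ignores, and data appended after the final %%EOF is the simplest place. The Python below is an added triage example, not FortiGuard's code and not a parser for the actual sample: it reports bytes trailing the last %%EOF, looks for stage-related text markers, and decodes long Base64 runs to see whether they hide PowerShell (including UTF-16LE text, which is how -EncodedCommand payloads are encoded). The minimal PDF skeleton and the hidden zone are constructed for the example; the marker list is an assumption, and legitimate producers occasionally leave a few trailing bytes, so trailing data alone is treated as a weak signal.

```python
import base64
import re

EOF_MARKER = b"%%EOF"
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{64,}={0,2}")
# Assumed marker set for staged PowerShell loaders; extend from your own samples.
TEXT_MARKERS = (b"powershell", b"-EncodedCommand", b"FromBase64String",
                b"AesManaged", b"CreateDecryptor")


def _b64_decode(run: bytes) -> bytes:
    run = run + b"=" * (-len(run) % 4)  # tolerate missing padding
    try:
        return base64.b64decode(run, validate=True)
    except Exception:
        return b""


def inspect_pdf(data: bytes) -> dict:
    """Report trailing data, plain markers and Base64-hidden markers in a PDF blob."""
    last_eof = data.rfind(EOF_MARKER)
    trailing = b"" if last_eof < 0 else data[last_eof + len(EOF_MARKER):].lstrip(b"\r\n")
    lowered = data.lower()
    report = {
        "eof_count": data.count(EOF_MARKER),
        "trailing_bytes": len(trailing),
        "markers": sorted({m.decode() for m in TEXT_MARKERS if m.lower() in lowered}),
        "decoded_hits": [],
    }
    for m in B64_RUN.finditer(data):
        decoded = _b64_decode(m.group(0))
        if not decoded:
            continue
        # UTF-16LE ASCII text decodes with NUL padding; drop it before matching.
        text = decoded.replace(b"\x00", b"").lower()
        for marker in TEXT_MARKERS:
            if marker.lower() in text:
                report["decoded_hits"].append((m.start(), marker.decode()))
                break
    report["suspicious"] = report["trailing_bytes"] > 0 and bool(
        report["markers"] or report["decoded_hits"])
    return report


def build_sample_pdf(with_zone: bool = True) -> bytes:
    """Constructed minimal PDF, optionally with a hidden zone after the last %%EOF."""
    body = (b"%PDF-1.4\n1 0 obj<</Type/Catalog/Pages 2 0 R>>endobj\n"
            b"2 0 obj<</Type/Pages/Kids[]/Count 0>>endobj\n"
            b"trailer<</Root 1 0 R>>\n%%EOF\n")
    if not with_zone:
        return body
    # The zone mimics a Base64 stage carrying a UTF-16LE PowerShell launch line.
    stage = ("powershell.exe -NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass "
             "(constructed stage text)").encode("utf-16le")
    return body + b"%ZONE1\n" + base64.b64encode(stage) + b"\n"


if __name__ == "__main__":
    print(inspect_pdf(build_sample_pdf()))
    print(inspect_pdf(build_sample_pdf(with_zone=False)))
```

Offsets in decoded_hits give a starting point for carving the real zone boundaries by hand; the loader's own offsets are not recoverable from the PDF alone and have to come from the shortcut's command line.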
Living off the land with AutoHotkey
What sets these AsyncRAT AI lures apart is the heavy abuse of legitimate software. The chain drops files masquerading as Realtek audio components, yet their hashes match AutoHotkey.exe. In effect, the attackers repurpose the trusted AutoHotkey loader as an execution engine while the malicious logic hides inside .ahk scripts that are easy to mutate and hard to fingerprint. One module rebuilds a hidden PE file from plain numeric text, then injects it into a legitimate .NET process using a classic process hollowing routine — CreateProcess, VirtualAllocEx, WriteProcessMemory, SetThreadContext, and ResumeThread.
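A PE file stored as plain numeric text survives most string-based scanning because no byte of the executable appears literally in the script. A cheap counter is to decode any long numeric array found in a script and check whether the result starts with an MZ header whose e_lfanew field points at a "PE\0\0" signature. The Python below is an added example, not FortiGuard's code and not the loader's own format: it assumes comma- or whitespace-separated decimal byte values (the report does not say which delimiter the sample uses), and the AHK-style script and the 88-byte PE stub it scans are constructed for the example.

```python
import re
import struct
from typing import List

# At least 33 consecutive decimal values separated by commas or whitespace
# (delimiter is an assumption; adjust for hex or other encodings).
NUM_RUN = re.compile(rb"(?:\d{1,3}[\s,]+){32,}\d{1,3}")


def decode_numeric_blob(run: bytes) -> bytes:
    """Turn '77,90,144,...' into raw bytes; return b'' if any value exceeds 255."""
    values = [int(v) for v in re.split(rb"[\s,]+", run.strip())]
    if any(v > 255 for v in values):
        return b""
    return bytes(values)


def looks_like_pe(blob: bytes) -> bool:
    """MZ magic plus a valid e_lfanew pointing at the PE signature."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", blob, 0x3C)[0]
    return len(blob) >= e_lfanew + 4 and blob[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def scan_script(text: bytes) -> List[dict]:
    """Return offset/size of every numeric array that decodes to a PE image."""
    hits = []
    for m in NUM_RUN.finditer(text):
        blob = decode_numeric_blob(m.group(0))
        if looks_like_pe(blob):
            hits.append({"offset": m.start(), "size": len(blob)})
    return hits


def build_sample_script() -> bytes:
    """Constructed AHK-style text embedding a minimal 88-byte PE stub as numbers."""
    header = bytearray(0x40)
    header[:2] = b"MZ"
    struct.pack_into("<I", header, 0x3C, 0x40)   # e_lfanew -> right after the DOS header
    fake_pe = bytes(header) + b"PE\0\0" + bytes(20)
    numbers = ",".join(str(b) for b in fake_pe).encode()
    return (b"; constructed script, not from the sample\n"
            b"palette := [" + ",".join(str(i) for i in range(100)).encode() + b"]\n"
            b"buf := [" + numbers + b"]\n")


if __name__ == "__main__":
    print(scan_script(build_sample_script()))
```

The palette array in the sample is there to show the false-positive control: it is long enough to match the regex but decodes to bytes that do not form an MZ/PE header, so it is not reported. Because the .ahk scripts are easy to mutate, hunting for the decoded artifact rather than for the script text is what makes this check survive trivial re-encoding.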
Layered persistence and Defender evasion
Persistence is deliberately redundant. The malware registers several scheduled tasks disguised as Realtek services, then stacks a VBS-mediated task chain on top so no single launcher carries the whole load. It even repairs Windows Script Host and restores .vbs file associations if a hardened machine has disabled them. To clear the path, one script runs an elevated PowerShell process that adds C:\ and powershell.exe to Microsoft Defender’s exclusion lists — an overt defense-evasion move before the final stages execute.
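Adding C:\ and powershell.exe to Defender's exclusion lists, and re-enabling Windows Script Host, are configuration changes that are easy to catch when PowerShell script-block logging (Event 4104) or command-line auditing is in place. The Python below is an added example, not FortiGuard's detection logic: it runs a few regex rules over constructed script-block text, grades a drive-root exclusion or an excluded script interpreter as high severity, and also flags the Windows Script Host Enabled value and .vbs association writes the article mentions. The sample lines, the rule names and the interpreter list are assumptions made for the example.

```python
import re
from typing import List, Tuple

# Constructed script-block samples; none are quoted from the report.
SAMPLES = [
    r'Add-MpPreference -ExclusionPath "C:\"; Add-MpPreference -ExclusionProcess "powershell.exe"',
    r'Add-MpPreference -ExclusionPath "C:\Program Files\Vendor\build\cache"',
    r'Set-ItemProperty -Path "HKLM:\Software\Microsoft\Windows Script Host\Settings" -Name Enabled -Value 1',
    r'cmd /c assoc .vbs=VBSFile',
    r'Get-ChildItem C:\Users\alice\Documents -Recurse',
]

# One argument: double-quoted, single-quoted, or bare token.
ARG = r'(?:"([^"]*)"|\'([^\']*)\'|([^\s;,]+))'
EXCL_PATH = re.compile(r"-ExclusionPath\s+" + ARG, re.I)
EXCL_PROC = re.compile(r"-ExclusionProcess\s+" + ARG, re.I)
WSH_ENABLE = re.compile(r"Windows Script Host\\Settings.*?-Name\s+Enabled\s+-Value\s+1\b", re.I)
VBS_ASSOC = re.compile(r"(?:assoc\s+\.vbs\s*=|Classes\\\.vbs)", re.I)
DRIVE_ROOT = re.compile(r"^[A-Z]:\\?$", re.I)
# Script hosts whose exclusion would blind Defender to most of this chain (assumed list).
SENSITIVE_PROC = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe",
                  "mshta.exe", "rundll32.exe", "regsvr32.exe"}

Finding = Tuple[str, str, str]  # (severity, rule, detail)


def _arg(m: "re.Match") -> str:
    return next(g for g in m.groups() if g is not None)


def analyze_line(line: str) -> List[Finding]:
    findings: List[Finding] = []
    for m in EXCL_PATH.finditer(line):
        path = _arg(m)
        if DRIVE_ROOT.match(path):
            findings.append(("high", "drive_root_exclusion", path))
        else:
            findings.append(("low", "path_exclusion", path))
    for m in EXCL_PROC.finditer(line):
        proc = _arg(m).rsplit("\\", 1)[-1].lower()
        sev = "high" if proc in SENSITIVE_PROC else "medium"
        findings.append((sev, "process_exclusion", proc))
    if WSH_ENABLE.search(line):
        findings.append(("high", "wsh_reenabled", "Windows Script Host Enabled=1"))
    if VBS_ASSOC.search(line):
        findings.append(("medium", "vbs_association_written", ".vbs"))
    return findings


def analyze(lines: List[str]) -> List[Tuple[int, List[Finding]]]:
    """Return (line index, findings) for every line that triggered a rule."""
    out = []
    for i, line in enumerate(lines):
        f = analyze_line(line)
        if f:
            out.append((i, f))
    return out


if __name__ == "__main__":
    for idx, findings in analyze(SAMPLES):
        for sev, rule, detail in findings:
            print(f"line {idx}: [{sev}] {rule}: {detail}")
```

On a live host the same questions can be answered after the fact with Get-MpPreference (ExclusionPath and ExclusionProcess) and by reading the Enabled value under the Windows Script Host Settings key, which is the audit the article recommends for scheduled tasks and registry keys.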
A modular RAT, and a generative AI tell
The payoff is a modular .NET RAT that can capture screenshots, drive a remote desktop, load assemblies filelessly, and hollow trusted processes, all while talking to its operators over encrypted channels. Captured data is serialized, encrypted with a RijndaelManaged cipher, and shipped to rotating command-and-control domains. A parallel branch delivers AsyncRAT, beaconing to the C2 address 107.172.10.190. The operators also left fingerprints behind: Simplified Chinese variable names, an unsanitized Chinese comment, and a stray emoji annotation point to AI assistance during development — what FortiGuard describes as AI-generated output that “was not fully sanitized before deployment.” The human designed the logic; the machine, it seems, wrote much of the code.
The complete technical walkthrough, including indicators of compromise, appears in FortiGuard Labs’ threat research analysis. Defenders should treat unexpected shortcut files and archives from untrusted sources with suspicion, audit scheduled tasks and registry keys for unauthorized changes, and watch for anomalous PowerShell activity and unusual outbound connections. As these AsyncRAT AI lures make clear, the rush to learn AI has become the latest bait for opportunistic attackers.