"The first file is a loader, which is started as a service. The loader decrypts the second file, and executes it in memory, which is the main Remote Access Trojan (RAT)." The Taidoor
RAT is then used to allow Chinese hackers to access infected systems and exfiltrate data or deploy other malware -- the usual things for which remote access trojans are typically employed.
Learn more >