Comment by pixel_popping

Most RATs are signed, that's a hurdle but it's clearly not a big deal to bypass for criminals, many "SSL companies" provide them, just have to use fake docs and you'll be issued it, many shady services sell those signatures as well and it doesn't look like it cost more than $15 per binary, so obviously, not so secure in practice.