GhostRAT3

Gh0stRAT Chinese QQ lure. C2 config with RC4 encryption. Delphi VCL. Chinese APT usage. Active since 2008.

Threat Profile
Type RAT
Programming LanguageDelphi/C++
C2 ProtocolTCP RC4
First Seen2008
Targets Çin/Küresel
Purpose / Capabilities
  • Remote Access
No C2 servers have been identified for this family yet.

Research Reports (1)

Medium

Gh0stRAT -- Çince QQ Müzik Dosyası Tuzağı, 262=2c2p2 RC4 Şifreli Config, Delphi VCL | Orta

GhostRAT 826KB Cince QQ muzik dosyasi lure. 262=2c2p2 1O1j1 2.2c2 RC4 sifretli config. TConversion TConversionFormat Delphi VCL.

Read Report →