GhostRat
GhostRAT Gh0st RAT. VC20XC00U mutex. ChangeServiceConfig2A service persistence. Ursprung: Chinese hackers.
Threat Profile
Type
RAT
Programming LanguageC++
C2 ProtocolTCP
First Seen2008
Targets
Küresel
Purpose / Capabilities
- Remote Access
No C2 servers have been identified for this family yet.
Research Reports (1)
GhostRat2 -- VC20XC00U Karakteristik Mutex, ChangeServiceConfig2A Servis Kalıcılığı, Üçlü GetTickCount Anti-Debug | Yüksek
GhostRat2 1.3MB exe. VC20XC00U iki kez tekrar eden GhostRAT karakteristik mutex. ChangeServiceConfig2A Windows servis kurulumu kalicilik. Uclu GetTickCount anti-debug.
Read Report →