GhostRat

GhostRAT Gh0st RAT. VC20XC00U mutex. ChangeServiceConfig2A service persistence. Ursprung: Chinese hackers.

Threat Profile
Type RAT
Programming LanguageC++
C2 ProtocolTCP
First Seen2008
Targets Küresel
Purpose / Capabilities
  • Remote Access
No C2 servers have been identified for this family yet.

Research Reports (1)

High

GhostRat2 -- VC20XC00U Karakteristik Mutex, ChangeServiceConfig2A Servis Kalıcılığı, Üçlü GetTickCount Anti-Debug | Yüksek

GhostRat2 1.3MB exe. VC20XC00U iki kez tekrar eden GhostRAT karakteristik mutex. ChangeServiceConfig2A Windows servis kurulumu kalicilik. Uclu GetTickCount anti-debug.

Read Report →