GhostRAT3
Gh0stRAT Chinese QQ lure. C2 config with RC4 encryption. Delphi VCL. Chinese APT usage. Active since 2008.
Threat Profile
Type
RAT
Programming LanguageDelphi/C++
C2 ProtocolTCP RC4
First Seen2008
Targets
Çin/Küresel
Purpose / Capabilities
- Remote Access
No C2 servers have been identified for this family yet.
Research Reports (1)
Gh0stRAT -- Çince QQ Müzik Dosyası Tuzağı, 262=2c2p2 RC4 Şifreli Config, Delphi VCL | Orta
GhostRAT 826KB Cince QQ muzik dosyasi lure. 262=2c2p2 1O1j1 2.2c2 RC4 sifretli config. TConversion TConversionFormat Delphi VCL.
Read Report →