Rewterz Threat Alert – Gh0st RAT – A Decades-Old Open-Source Remote Administration Tool (RAT) Seen Active In Recent Phishing Campaign – Active IOCs
Common Information
Type Value
UUID 7f46c75c-edff-49b5-b8b8-050a5f979403
Fingerprint b7b00921aa556e8e
Analysis status DONE
Considered CTI value 2
Text language
Published May 1, 2023, 10:52 a.m.
Added to db May 3, 2023, 1:20 p.m.
Last updated Dec. 19, 2024, 4:49 p.m.
Detected Hints/Tags/Attributes 58/3/19
Attributes
Details Type #Events CTI Value