Rewterz Threat Alert – Gh0st RAT – A Decades-Old Open-Source Remote Administration Tool (RAT) – Active IOCs
Tags
| country: | Bolivia China North Korea Hong Kong South Korea |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | eb5d11b9-731e-496b-ba22-7f5ee4d14058 |
| Fingerprint | a7b21905ae557f8d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 19, 2023, 10:22 a.m. |
| Added to db | June 26, 2023, 12:32 p.m. |
| Last updated | Sept. 4, 2024, 11:24 p.m. |
| Headline | Rewterz Threat Alert – Gh0st RAT – A Decades-Old Open-Source Remote Administration Tool (RAT) – Active IOCs |
| Title | Rewterz Threat Alert – Gh0st RAT – A Decades-Old Open-Source Remote Administration Tool (RAT) – Active IOCs |
| Detected Hints/Tags/Attributes | 58/3/14 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 365 | ✔ | — | https://www.rewterz.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 16 | cve-2023-29356 |
|
| Details | CVE | 11 | cve-2023-32535 |
|
| Details | md5 | 1 | 99d3b263866a565ce24819e430c4e802 |
|
| Details | md5 | 1 | 5f81262f5577b8a3e0ac70b25c7a706e |
|
| Details | md5 | 1 | c1cce28493f6d1dc7d8ac1a1c294d2fe |
|
| Details | md5 | 1 | be2a1668352f1be7c355b94d5b942721 |
|
| Details | sha1 | 1 | d5c6e0962320324c2e5082bd090ca9bbd8c7e3aa |
|
| Details | sha1 | 1 | 455a45c9f875c42a8980c4196424419b6222c19c |
|
| Details | sha1 | 1 | 94c02fad70a1ae191aaff02d2f26895a33ef80c8 |
|
| Details | sha1 | 1 | 6012e12e862862760cd8e507e20621837aa8348b |
|
| Details | sha256 | 1 | aecead7bb0ec85e54dc902a2d02a6051b70b1a5d273c839a41a9f1246872d7b4 |
|
| Details | sha256 | 1 | df220b8608808820d98603530b37c943fcd84f80d5086d23de669e53e22c4143 |
|
| Details | sha256 | 1 | 3fdc52a387a12b0bf5ef0cc14d57cb08e52a66774c0069625c05d2260ca2fdf5 |
|
| Details | sha256 | 1 | 9e53bc6c5fcbb2a32ca55647e429318879a80077aeb83a45f9745fce86e3ff8c |