ID | Votes | Profile Description |
---|---|---|
gh0st RAT | 5 | Gh0st RAT is a notorious malware that was originally developed by the C. Rufus Security Team in China and has been widely used for cyber espionage since its code leaked in 2008. This malicious software can infiltrate systems through suspicious downloads, emails, or websites, often without the user's |
Sugargh0st | 3 | SugarGh0st is a malicious software (malware) variant first identified by Cisco Talos in November of the previous year. The malware, believed to be connected to China, has been deployed in cyberespionage campaigns primarily targeting the Ministry of Foreign Affairs in Uzbekistan and users in South Ko |
Sugargh0st Rat | 1 | SugarGh0st RAT is a relatively new variant of the Gh0st RAT malware, first identified by researchers at Cisco Talos in November 2023. This Remote Access Trojan (RAT) has been used to carry out cyberespionage and surveillance campaigns against various targets, including government officials in Uzbeki |
Bh_a006 | 1 | BH_A006 is a sophisticated malware, named after the string constantly found in PDB paths and internal names of DLL libraries associated with the backdoor. This malware is part of the BH_A006 family of backdoor samples, which has been found to use an obfuscated unknown protector at one of its stages. |

ID | Type | Votes | Profile Description |
---|---|---|---|
win32/farfli.bur Gh0st Rat | Unspecified | 2 | None |
win32/farfli.cuo Gh0st Rat | Unspecified | 2 | The Win32/Farfli.CUO Gh0st RAT is a significant vulnerability that poses a threat to the security of Windows systems. It represents a flaw in software, design, or implementation that allows unauthorized access and control over affected systems. This variant of the Gh0st RAT (Remote Access Trojan) ha |
win32/farfli.blh Gh0st Rat | Unspecified | 2 | None |
Cfd900b77494574a01ea8270194f00e573e80f94 | Unspecified | 2 | None |
5e4021ae96d4b28dd27382e3520e8333288d7095 | Unspecified | 2 | None |
A51a0bcce028966c4fcbb1581303980cf10669e0 | Unspecified | 2 | None |
PlugX | Unspecified | 1 | PlugX is a notorious malware, typically associated with Chinese threat actors, that has been used in various cyberattacks. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data for ransom. It |
ZLib | Unspecified | 1 | Zlib is a known malware, a harmful program designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can cause significant damage, including stealing personal information, disrupting opera |

ID | Type | Votes | Profile Description |
---|---|---|---|
Iron Tiger | Unspecified | 1 | Iron Tiger, also known as Iron Taurus or APT27, is a threat actor group known for executing malicious actions with the intent of espionage. The group became prominent after its involvement in Operation Iron Tiger, which was reported in 2015. This operation was a series of Chinese cyber-espionage att |

ID | Type | Votes | Profile Description |
---|---|---|---|
A51a0bcce028966c4fcbb1581303980cf10669e0 templatex.txt win32/farfli.cuo Gh0st Rat | Unspecified | 2 | None |

Source | CreatedAt | Title |
---|---|---|
Unit42 | 2 months ago | Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia |
Checkpoint | 8 months ago | 4th December – Threat Intelligence Report - Check Point Research |
CERT-EU | 8 months ago | Suspected China-based hackers target Uzbekistan gov’t, South Koreans, Cisco says \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting |
DARKReading | 8 months ago | A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets |
CERT-EU | a year ago | Space Pirates: analyzing the tools and connections of a new hacker group |
MITRE | a year ago | BabyShark Malware Part Two – Attacks Continue Using KimJongRAT and PCRat |
MITRE | a year ago | COVID-19 and New Year greetings: an investigation into the tools and methods used by the Higaisa group |
CERT-EU | a year ago | Not‑so‑private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets \| WeLiveSecurity |
MITRE | a year ago | New LNK attack tied to Higaisa APT discovered \| Malwarebytes Labs |
ESET | a year ago | Not‑so‑private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets \| WeLiveSecurity |
MITRE | a year ago | Decoding network data from a Gh0st RAT variant |
MITRE | a year ago | Musical Chairs Playing Tetris \| NETSCOUT |