The odd case of a Gh0stRAT variant | AT&T Alien Labs

This is a guest post by independent security researcher James Quinn. This will be Part 1 of a series titled Reversing Gh0stRAT Variants. As 2018 drew to a close and 2019 took over, I began to see a different behavior from SMB malware authors.  Instead of massive, multi-staged cryptocurrency miners, I began to see more small, covert RATs serving as partial stage1’s.  Of these samples, there was one specific sample that stood out to me.  A Gh0stRAT variant, this
— Read on www.alienvault.com/blogs/labs-research/the-odd-case-of-a-gh0strat-variant

Leave a Reply

Your email address will not be published. Required fields are marked *