MalBabble

Your antidote to the cyber-twaddle that is spread about security and malware. Many people research malware and security and the impact of both. Some insights are valuable; others are insanely stupid. MalBabble exists because insisting that conclusions be drawn from data is a coherent idea; that conjecture isn't evidence; and because appealing to conspiracy to validate ideas is intellectually lazy.

Pages

  • Home
  • Mind's Eye

Thursday, December 31, 2015

Gh0st

Community Synonyms:
Moudoor (Symantec)
HTTPS
Lurk (TrendMicro)

Malware Reference:
https://www.sentinelone.com/blog/the-curious-case-of-gh0st-malware/
https://www.emc.com/collateral/so-ASOC-use-case-gh0st-rat.pdf
http://malware-unplugged.blogspot.com/2015/01/hunting-and-decrypting-communications.html
http://download01.norman.no/documents/ThemanyfacesofGh0stRat.pdf
http://henrybasset.blogspot.com/2014/04/red-sky-weekly-gh0st-rat.html
http://www.mcafee.com/in/resources/white-papers/foundstone/wp-know-your-digital-enemy.pdf
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-detecting-apt-activity-with-network-traffic-analysis.pdf
http://blogs.rsa.com/will-gragido/lions-at-the-watering-hole-the-voho-affair/
http://www.mcafee.com/ca/resources/white-papers/foundstone/wp-know-your-digital-enemy.pdf
http://blog.trendmicro.com/trendlabs-security-intelligence/kunming-attack-leads-to-gh0st-rat-variant/
http://xanalysis.blogspot.com/2009/04/gh0st-rat.html

Posted by Starric at 7:47 AM
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Labels: APT, Gh0st, HTTPS, Malware, Moudoor

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

Blog Archive

  • ►  2019 (10)
    • ►  April (1)
    • ►  March (4)
    • ►  February (5)
  • ►  2016 (13)
    • ►  January (13)
  • ▼  2015 (23)
    • ▼  December (16)
      • ZoxPNG
      • Fexel
      • Stealer
      • ZxShell
      • AspxSpy
      • 9002
      • Poison Ivy
      • Hikit
      • Gh0st
      • Proxydown
      • Preshin
      • Gameover Zeus
      • Emotet
      • Dyzap
      • Crowti
      • Crilok (Cryptolocker)
    • ►  August (2)
    • ►  July (1)
    • ►  April (1)
    • ►  January (3)

Labels

  • 3102 (1)
  • 9002 (1)
  • Agtid (1)
  • Amisharp (1)
  • APT (18)
  • AspxSpy (1)
  • Backspace (1)
  • Black Energy (1)
  • BlackCoffee (1)
  • Boda (1)
  • Breut (1)
  • Briba (1)
  • c0d0so0 (1)
  • Comfoo (1)
  • Crilok (1)
  • crimeware (2)
  • Crowti (1)
  • Deputy Dog (1)
  • Derusbi (1)
  • Destory (1)
  • Disakil (1)
  • DPD (1)
  • Dyzap (1)
  • Elirks (1)
  • Elise (1)
  • Emissary (1)
  • Emotet (1)
  • Fexel (1)
  • Gameover (1)
  • Gaolmay (1)
  • Gh0st (1)
  • Go (1)
  • GoScanSSH (1)
  • Gulpix (1)
  • Hikit (1)
  • HTTPS (1)
  • Hydraq (1)
  • Kaba (1)
  • Kernelbot (1)
  • KillDisk (1)
  • lancafdo (1)
  • Lecna (1)
  • Linksys Worm (1)
  • Lstudio (1)
  • Malware (27)
  • Matrix (1)
  • McRat (1)
  • MdMBot (1)
  • Miancha (1)
  • Moudoor (1)
  • Naid (1)
  • Nancrat (1)
  • page (1)
  • PE File Header (5)
  • PirateMatryoshka (1)
  • PlugX (1)
  • Poison Ivy (1)
  • Preshin (2)
  • Proxydown (1)
  • sandworm (1)
  • Separ (1)
  • Shade (1)
  • Sharky RAT (1)
  • Shlayer (1)
  • Snefix (1)
  • Sogu (1)
  • sshbeardoor (2)
  • Stealer (1)
  • stscout (1)
  • Tabcteng (1)
  • TheMoon (1)
  • Thoper (1)
  • Tools (2)
  • Troldesh (1)
  • TVT (1)
  • Vasport (1)
  • Wumins (1)
  • Yara (6)
  • Zeus (1)
  • ZoxPNG (1)
  • ZxShell (1)
Simple theme. Powered by Blogger.