BH_A006
Description
(BleepingComputer) BH_A006 is a heavily modified version of the Gh0st RAT backdoor, featuring many layers of obfuscation to bypass security protections and thwart analysis.
Its features include network service creation, UAC bypassing, and unpacking and launching shellcode in memory.
Names
Name |
---|
BH_A006 |
Category
Malware
Type
- Reconnaissance
- Backdoor
- Keylogger
- Info stealer
Information
- https://www.bleepingcomputer.com/news/security/chinese-space-pirates-are-hacking-russian-aerospace-firms/
- https://www.ptsecurity.com/ru-ru/research/pt-esc-threat-intelligence/space-pirates-tools-and-connections/
Other Information
Uuid
c1bd4d19-ed21-45b3-a7a3-bc81ded7effb
Last Card Change
2022-07-19