← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Analysis of Nood RAT Used in Attacks Against Linux (Gh0st RAT&'s Variant) - ASEC BLOG
WHITE CyberHunter_NL 2024-02-26 Modified: 2024-03-27
50
IOCs
MEDIUM VOLUME
Nood RAT is a variant of the Gh0st remote control malware developed by the C. Rufus Security Team of China, which has been used in a number of vulnerability attacks.
nood ratgh0st ratlinuxc serverkey typerc4 algorithmrc4 keyasecnoodmssqlcloud snooperkoreanrockepathformatdategh0stoverview gh0stlinux nood
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Overview Gh0st Cloud Snooper Linux Nood Nood RAT Linux Gh0st Nood
Indicators of Compromise (13 / 50 total)
All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 035f83018cf96f5e1f6817ccd39fc0b6 2024-02-26
FileHash-MD5 0a35e06f53c17ab1c8e18e7e0c0821d8 2024-02-26
FileHash-MD5 35743db3dc333245ef5b69100721ced9 2024-02-26
FileHash-MD5 4f3afdcfff8f7994b7d3d3fbaa6858b4 2024-02-26
FileHash-MD5 75838e5d481da40db2e235a6d5a222ef 2024-02-26
FileHash-MD5 7d631e5b0c78805dd5d440cce788d25b 2024-02-26
FileHash-MD5 8457f71c6a5fe83bb513d1dfba99271a 2024-02-26
FileHash-MD5 905c2158fadfe31850766f010e149a0f 2024-02-26
FileHash-MD5 97db3f7676380f0baa3840ed5d5c1767 2024-02-26
FileHash-MD5 a15ebd19cac42b0297858018da62b1be 2024-02-26
FileHash-MD5 b4910e998cf58da452f8151b71c868cb 2024-02-26
FileHash-MD5 c440bd814be37fac669567131c4ba996 2024-02-26
FileHash-MD5 d9f00f71efabdfcca7c63d4b0805673c 2024-02-26
References (1)
↗ https://asec.ahnlab.com/en/62144/