gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)

gh0st RAT is a remote access tool (RAT). The source code is public and it has been used by multiple groups.^{[FireEye Hacking Team]}^{[Arbor Musical Chairs Feb 2018]}^{[Nccgroup Gh0st April 2018]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
TA459 (e343c1f1-458c-467b-bc4a-c1b97b2127e3)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
Threat Group-3390 (79be2f31-5626-425e-844c-fd9c99e38fe5)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
APT41 (502223ee-8947-42f8-a532-a3b3da12b7d9)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
Higaisa (f1477581-d485-403f-a95f-c56bf88c5d1e)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
PittyTiger (60936d3c-37ed-4116-a407-868da3aa4446)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
Andariel (2cc997b5-5076-4eef-9974-f54387614f46)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
APT5 (f46d6ee9-9d1d-586a-9f2d-6bff8fb92910)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
Leviathan (eadd78e3-3b5d-430a-b994-4360b172c871)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
Axiom (90f4d3f9-3fe3-4a64-8dc1-172c6d037dca)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
APT18 (a0c31021-b281-4c41-9855-436768299fe7)	Tidal Groups	gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	1
gh0st RAT (269ef8f5-35c8-44ba-afe4-63f4c6431427)	Tidal Software	Kimsuky (37f317d8-02f0-43d4-8a7d-7a65ce8aadf1)	Tidal Groups	1