Concrete signature match: Trojan - Appears legitimate but performs malicious actions for 64-bit Windows platform, family GhostRat
This threat is a Remote Access Trojan (RAT) from the GhostRat family, detected by its malicious behavior using machine learning. Its purpose is to grant an attacker covert remote control over the infected system, enabling data theft, surveillance, and further compromise. The detection indicates that the malware was observed performing suspicious actions on the machine.
No specific strings found for this threat
fd7ba89670c0b89e31619074d75089487012e4492b3319b2c418a6fe2dc22b1e246511b11ac092dad686f3c0b99e6445299f0fb72f379b2d06e8a112e02efb0384aa32d0c5eb678f62ba0c24d6f39ed9b61acf261a89ddaa1fb3d9ca392b12318499fd447499819f00745498b8f38d071906e6b5e5ccb49b1a3d6fc38834418d2dbf5c53823c1051d12e867cbdbd57e76fe2e924520517b355aeba2f33e966bfIsolate the affected host from the network immediately. Use Windows Defender to quarantine and remove the threat. Investigate the system for signs of persistence, data exfiltration, or lateral movement, and consider resetting passwords for any accounts used on the machine.