Concrete signature match: Trojan - Appears legitimate but performs malicious actions for 64-bit Windows platform, family GhostRat
This threat is a Remote Access Trojan (RAT) from the GhostRat family, detected by its malicious behavior using machine learning. Its purpose is to grant an attacker covert remote control over the infected system, enabling data theft, surveillance, and further compromise. The detection indicates that the malware was observed performing suspicious actions on the machine.
No specific strings found for this threat
e8e868f18b974936cb2c14f9c88f6afe27e4c1b4b5e59ef308f5a87ff0f7e6817d2e6cdc28b68db116c3e1bbc9b9a811fb69471a5719c3bed0741f61d49f7b103ad75def63b0388077e48159822ae51e9fb3c153fcb525cc6f7bde3406d73373b6ecd2a966d1e4d31d42537465eaec433ad48df4d06aa252b2a3d1baf1660e5bIsolate the affected host from the network immediately. Use Windows Defender to quarantine and remove the threat. Investigate the system for signs of persistence, data exfiltration, or lateral movement, and consider resetting passwords for any accounts used on the machine.