IOC Radar
TLP:WHITE1 IOC

EvilTokens: How “Ghost” Code Threatens US and European Businesses

AC
ANY.RUN Cybersecurity Blog
Published June 23, 2026Original Report

Malware Families

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYunknownINFRASTRUCTUREunknownCAPABILITYGh0st RATVICTIMunknown
Adversary
Infrastructure
Capability(1)
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise1

TypeIndicatorConfidenceScoreFirst Seen
MD5fcd1b654a0b3e8f85ca7cfdafe494d4b
file-hashintel-blogmalware
Medium
53
Jun 24, 26

IOC Relationship Graph

IOC Relationship Graph1 total IOCs
MD5
MD51Malware1REPORTEvilTokens: How “Ghost” CoGh0st RAT
scroll to zoom · drag to pan · click IOC to open