- SpicyOmelette can enumerate running software on a targeted system.
- Siloscape searches for the kubectl binary.
- Sidewinder has used tools to enumerate software installed on an infected host.
- ShimRatReporter gathered a list of installed software on the infected host.
- RTM can scan victim drives to look for specific banking software on the machine to determine next actions.
- QakBot can enumerate a list of installed programs.
- Webshell can list PHP server configuration details.
- Orz can gather the victim's Internet Explorer version.
- Operation Wocao has collected a list of installed software on the infected system.
- Mustang Panda has searched the victim system for the InstallUtil.exe program and its version.
- MuddyWater has used a PowerShell backdoor to check for Skype connectivity on the target machine.
- Metamorfo has searched the compromised system for banking applications.
- MarkiRAT can check for the Telegram installation directory by enumerating the files on disk.
- KGH_SPY can collect information on installed applications.
- InvisiMole can collect information about installed software used by specific users, software executed on user login, and software executed by each system.
- Inception has enumerated installed software on compromised systems.
- HotCroissant can retrieve a list of applications from the SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths registry key.
- Dyre has the ability to identify installed programs on a compromised host.
- DustySky lists all installed software for the infected machine.
- Dridex has collected a list of installed software on the system.
- Down_new has the ability to gather information on installed applications.
- ComRAT can check the victim's default browser to determine which process to inject its communications module into.
- The Cobalt Strike System Profiler can discover applications through the browser and identify the version of Java the target has.
- CharmPower can list the installed applications on a compromised host.
- Bundlore has the ability to enumerate what browser is being used as well as version information for Safari.
- BRONZE BUTLER has used tools to enumerate software installed on an infected host.
- Bazar can query the Registry for installed applications.