Statements (64)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
Remote Access Trojan
|
| gptkbp:abilities |
DDoS attacks
Audio recording Credential harvesting Modular architecture Remote desktop Reverse proxy Data exfiltration Command execution File management Keylogger Password stealing Persistence mechanisms Process management Remote shell USB infection Webcam access Plugin support Network communication Anti-analysis features Bypass UAC Clipboard monitoring Customizable plugins Encrypted communication File encryption Network scanning Obfuscation Persistence via DLL injection Persistence via WMI Persistence via registry Persistence via scheduled tasks Persistence via service Persistence via shortcut Persistence via startup folder Persistence via task scheduler Registry editing Screen locker Screenshot capture Self-update |
| gptkbp:arrested |
gptkb:Taylor_Huddleston
|
| gptkbp:detects |
Antivirus software
|
| gptkbp:developedBy |
gptkb:Taylor_Huddleston
|
| gptkbp:firstReleased |
2013
|
| https://www.w3.org/2000/01/rdf-schema#label |
NanoCore
|
| gptkbp:notableVariant |
gptkb:NanoCore_v1.2.2
gptkb:NanoCore_v1.2.7 |
| gptkbp:operatingSystem |
gptkb:Windows
|
| gptkbp:programmingLanguage |
gptkb:C#
|
| gptkbp:sells |
gptkb:Dark_web
|
| gptkbp:spreadTo |
Malicious attachments
Phishing emails |
| gptkbp:target |
Businesses
Individuals Government organizations |
| gptkbp:usedFor |
Surveillance
Credential theft File transfer Keylogging Remote control of infected computers Screen capture |
| gptkbp:usesMalware |
RAT
|
| gptkbp:bfsParent |
gptkb:APT33
gptkb:Trojan_(software) |
| gptkbp:bfsLayer |
6
|