gptkbp:instanceOf | Remote Access Trojan
gptkbp:abusedBy | Cybercriminals
gptkbp:analyzes | Security researchers
gptkbp:canBeBypassedBy | gptkb:User_Account_Control_(UAC), Antivirus software
gptkbp:canBeCaptured | Audio, Webcam video, Screenshots
gptkbp:canDownload | gptkb:Files
gptkbp:canExecute | Commands remotely
gptkbp:canPersist | On infected system
gptkbp:canSteal | Browser credentials, Clipboard data, Email credentials, FTP credentials, VPN credentials
gptkbp:canUninstall | Itself
gptkbp:canUpload | gptkb:Files
gptkbp:category | gptkb:Remote_Administration_Tool, malware, Cybersecurity threat
gptkbp:communicatesVia | gptkb:HTTP, gptkb:TCP, gptkb:UDP, Custom protocols
gptkbp:detects | gptkb:Antivirus_vendors
gptkbp:developedBy | gptkb:Breaking_Security
gptkbp:firstAppearance | 2016
https://www.w3.org/2000/01/rdf-schema#label | Remcos
gptkbp:notable_campaign | gptkb:COVID-19_phishing_campaigns, Banking credential theft campaigns, Targeted attacks on businesses
gptkbp:notableRelease | Itself
gptkbp:operatingSystem | gptkb:Windows
gptkbp:sells | Commercial software
gptkbp:spreadTo | Exploit kits, Malicious attachments, Phishing emails
gptkbp:usedFor | Surveillance, Malware distribution, Credential theft, Keylogging, Remote control of infected computers
gptkbp:website | https://breakingsecurity.net/remcos/
gptkbp:bfsParent | gptkb:APT33
gptkbp:bfsLayer | 6