Třída: Trojan
Škodlivý program určený k elektronickému špehování aktivit uživatele (zachytit vstup klávesnice, pořídit screenshoty, zachytit seznam aktivních aplikací apod.). Shromažďované informace jsou kybernetickému uživateli odesílány různými prostředky, včetně e-mailu, FTP a HTTP (zasláním dat v žádosti).Platfoma: MSIL
Společný středně pokročilý jazyk (dříve známý jako Microsoft Intermediate Language nebo MSIL) je pokročilý jazyk vyvinutý společností Microsoft pro rozhraní .NET Framework. Kód CIL je generován všemi kompilátory Microsoft .NET v aplikaci Microsoft Visual Studio (Visual Basic .NET, Visual C ++, Visual C # a další).Family: Trojan.MSIL.Donut
No family descriptionExamples
087A4A07913C5A2A30E093BADCE6131CTactics and Techniques: Mitre*
TA0005
Defense Evasion
The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics' techniques are cross-listed here when those techniques include the added benefit of subverting defenses.
T1562.001
Disable or Modify Tools
Adversaries may modify and/or disable security tools to avoid possible detection of their malware/tools and activities. This may take many forms, such as killing security software processes or services, modifying / deleting Registry keys or configuration files so that tools do not operate properly, or other methods to interfere with security tools scanning or reporting information. Adversaries may also disable updates to prevent the latest security patches from reaching tools on victim systems.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.