Třída: Trojan
Škodlivý program určený k elektronickému špehování aktivit uživatele (zachytit vstup klávesnice, pořídit screenshoty, zachytit seznam aktivních aplikací apod.). Shromažďované informace jsou kybernetickému uživateli odesílány různými prostředky, včetně e-mailu, FTP a HTTP (zasláním dat v žádosti).Platfoma: Win64
Win64 je platforma v operačních systémech Windows pro provádění 32- / 64bitových aplikací. Programy Win64 nelze spustit v 32bitových verzích systému Windows.Family: Trojan.Win64.Agentb
No family descriptionExamples
7EE28436FEB1EAA2177C47198A181880D0B9EB47DA5458EC52A2ED780AC2040F
9135456601BC929D3C93939AC162B56E
0A6ED7333821E10C83E7A1D64C4DDEE2
36EEE98A81D85F7A5438838B4607C77B
Tactics and Techniques: Mitre*
TA0005
Defense Evasion
The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics' techniques are cross-listed here when those techniques include the added benefit of subverting defenses.
T1036.008
Masquerade File Type
Adversaries may masquerade malicious payloads as legitimate files through changes to the payload's formatting, including the file’s signature, extension, icon, and contents. Various file types have a typical standard format, including how they are encoded and organized. For example, a file’s signature (also known as header or magic bytes) is the beginning bytes of a file and is often used to identify the file’s type. For example, the header of a JPEG file, is
0xFF 0xD8 and the file extension is either `.JPE`, `.JPEG` or `.JPG`. * © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.