Class: Trojan
A malicious program designed to electronically spy on the user’s activities (intercept keyboard input, take screenshots, capture a list of active applications, etc.). The collected information is sent to the cybercriminal by various means, including email, FTP, and HTTP (by sending data in a request).Read more
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.Family: Trojan.Win32.Agentb
No family descriptionExamples
7E457BCD3BADC042B7CEBF78B98848007B03A5999F27940A247C4AB880DBD8C8
5B0E08CB311DFEDD944EA64F5F0DF8A5
6F741E711EE0F26B20AF6B1A62A63D67
737EBD67DF17EF11D3F85E4BB4892871
Tactics and Techniques: Mitre*
Adversaries may abuse the Windows service control manager to execute malicious commands or payloads. The Windows service control manager (services.exe) is an interface to manage and manipulate services. The service control manager is accessible to users via GUI components as well as system utilities such as sc.exe and Net.
Adversaries may abuse the Windows service control manager to execute malicious commands or payloads. The Windows service control manager (services.exe) is an interface to manage and manipulate services. The service control manager is accessible to users via GUI components as well as system utilities such as sc.exe and Net.
* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.