Class: Trojan
A malicious program designed to electronically spy on the user’s activities (intercept keyboard input, take screenshots, capture a list of active applications, etc.). The collected information is sent to the cybercriminal by various means, including email, FTP, and HTTP (by sending data in a request).
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.
Family: Trojan.Win32.Agentb
No family description
Examples
FF5715D1ECFBF29862AD255B4974A2512FA7D99EA4E93B48D5F0BDADA20CD59F
B7981BCC1E7073834DC91A8213D903B1
B498832FBF281D1A2900162AE1F1606F
4856E633AF4B9FDB02E2B8D4696D0D02
Tactics and Techniques: Mitre*
Adversaries may clear Windows Event Logs to hide the activity of an intrusion. Windows Event Logs are a record of a computer’s alerts and notifications. There are three system-defined sources of events: System, Application, and Security, with five event types: Error, Warning, Information, Success Audit, and Failure Audit.
* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.