Class: Trojan
A malicious program designed to electronically spy on the user’s activities (intercept keyboard input, take screenshots, capture a list of active applications, etc.). The collected information is sent to the cybercriminal by various means, including email, FTP, and HTTP (by sending data in a request).Read more
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.Family: Trojan.Win32.ServStart.admc
No family descriptionExamples
780B4FB7B2EE25DC83FCA1295A6270ECDA70184BBCFE35FCB7B1DCB37E1A5F67
BE0EAFFC1FBE3150A6138E67E0650F9D
28BEE3D01ABAD2D1B1ACE00367C797DE
2A0C949D5B6FAE3AA3436B9FEC36E18F
Tactics and Techniques: Mitre*
Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
Adversaries may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user-behaviors, and intercept information as part of various browser session hijacking techniques.
Adversaries may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user-behaviors, and intercept information as part of various browser session hijacking techniques.
* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.