
BlackEnergy is capable of taking screenshots. BISCUIT has a command to periodically take screenshots of the system. Bandook is capable of taking an image of and uploading the current desktop. BADNEWS has a command to take a screenshot and send it to the C2 server. Azorult can capture screenshots of the victim’s machines. Attor has a plugin that captures screenshots of the target applications. Aria-body has the ability to capture screenshots on compromised hosts. APT39 has used a screen capture utility to take screenshots on a compromised host.

APT28 has used tools to take screenshots from victims. AppleSeed can take screenshots on a compromised host by calling a series of APIs.

Agent Tesla can capture screenshots of the victim’s desktop.
