Description
The File Manager feature in malware serves as a Swiss Army knife for cybercriminals, enabling them to list, download, upload, or delete files on a compromised system. Acting as an illicit file explorer, this feature provides comprehensive access to the victim's stored data, whether it's sensitive personal information, valuable intellectual property, or configuration files that can be manipulated for further compromise. The ability to upload files also means the attacker can place additional malicious payloads or tools on the system, facilitating a deeper level of exploitation. Likewise, the download function allows for easy exfiltration of valuable or sensitive data. Deleting files can either be used to cover tracks or cause harm, making the File Manager feature a versatile tool in the arsenal of a cybercriminal.
| Categories | File System, Alteration, Disruption, Exfiltration |
| Dangerousness | High |
Existing Techniques
| Name | Associated Feature(s) | Has Snippet | Matching Sample |
|---|---|---|---|
| Execute Programs | File Manager, Shell Access | 0 | |
| File Search | File Manager | 0 | |
| File System Enumeration | File Manager | 0 | |
| Network Shares Enumeration | File Manager, Network Manager | 0 | |
Back Orifice 1.20
NetBus 1.70
SubSeven 1.0
SubSeven 1.1
SubSeven 1.2
SubSeven 1.3
SubSeven 1.4
SubSeven 1.5
SubSeven 1.6
SubSeven 1.7
SubSeven 1.8
SubSeven 1.9
Back Orifice 2000 (BO2K) 1.0
Vampire 1.2
SubSeven 1.9 Apocalypse
SubSeven 2.0
SchoolBus 2.0
SubSeven 2.1
Hack a Tack 2000
SubSeven 2.1.1 GOLD edition
SubSeven 2.1.2 M.U.I.E
Y3K rat 1.0
SubSeven 2.1.3 BONUS
SubSeven 2.1.4 DEFCON 8
Y3K rat 1.5
SubSeven 2.2
Y3K rat 1.6 MS
Optix Pro 1.0
Net-Devil 1.5
Ghost 2.4
Beast 1.7
Beast 1.8
MoSucker 3.0b
Beast 1.90
Turkojan 1.0
Beast 1.91
Beast 1.92
SubSeven 2.1.5 Legends
CIA 1.0
CIA 1.1
Beast 2.00
Beast 2.01
LanFiltrator 1.1 Fix 1
Optix Pro 1.32
CIA 1.2
Beast 2.05
Beast 2.02
Sinique 1.0
Fearless Lite 1.01
ProRat 1.1