Description
The Remote Desktop or Screen Capture feature in malware provides the attacker with the ability to silently view and control the victim's desktop in real-time. This capability is akin to virtually looking over the victim's shoulder, offering an unfiltered window into the user's activities and data. For the attacker, this offers a multi-faceted advantage: it allows for easy data harvesting, offers clues for further exploitation, and can facilitate lateral movement across a network. Whether the end goal is data theft, corporate espionage, or advanced persistent threats, the ability to capture or control a desktop remotely equips attackers with a potent tool for deepening their intrusion into a compromised system.
| Categories | Assistance, Spy / Surveillance |
| Dangerousness | High |
Existing Technique
| Name | Associated Feature(s) | Has Snippet | Matching Sample |
|---|---|---|---|
 Desktop Screenshot / Streaming
|
Remote Desktop / Screen Capture | 0 |
ProRat 1.3
Nuclear RAT 1.0 Beta 5
Beast 2.06
ProRat 1.4
LanFiltrator 1.5 Beta III
ProRat 1.6
ProRat 1.8
Infector NG 2004 2.1.0
Optix Pro 1.33
Beast 2.07
Flux 1.0
CIA 1.3
Messiah 4.0
ProRat 1.9
Y3K rat 2k5 RC 1.0
Y3K rat 2k5 RC 1.1
TrojNa$ 1.0
Bersek 1.1
Turkojan 3.0
Bifrost 1.2.1
Hav-Rat 1.2
Bandook 1.35
BlasterX 1.5 Flash The World
BlasterX 1.5
Poison Ivy 2.3.0
Hav-Rat 1.3.2
sharK 2.4.0 Fwb+
DARKMOON 4.11 Private Edition
Nuclear RAT 2.1.0
Bump-Rat 1.2 Beta
Poison Ivy 2.3.2
ZombieRat 1.2
Turkojan 4
Turkojan 4.0
sharK 3.1 fwb++
Lost Door 2.2
Aero 2
Lost Door 3.0 Stable
SynRAT 4.0.1
Cerberus 1.0 Beta
Cerberus 1.01 Beta
Cerberus 1.02 Beta
SynRAT 4.3.1-A-1
Apocalypse RAT 1.4
Cerberus 1.03.4
Spy-Net 2.6
DarkComet RAT 1.3
Cerberus 1.03.5 Beta
DarkComet RAT 2.0 RC4
CyberGate 1.04.8