Description
The Remote Desktop or Screen Capture feature in malware gives the attacker the ability to silently view and control the victim's desktop in real time. This capability is akin to virtually looking over the victim's shoulder, offering an unfiltered window into the user's activities and data. For the attacker, this offers a multi-faceted advantage: it allows for easy data harvesting, offers clues for further exploitation, and can facilitate lateral movement across a network. Whether the end goal is data theft, corporate espionage, or sustaining an advanced persistent threat, the ability to capture or control a desktop remotely equips attackers with a potent tool for deepening their intrusion into a compromised system.
| Categories | Assistance, Spy / Surveillance |
| Dangerousness | High |
Existing Technique
| Name | Associated Feature(s) | Has Snippet | Matching Sample |
|---|---|---|---|
| Desktop Screenshot / Streaming | Remote Desktop / Screen Capture | 0 | |

Matching samples for Desktop Screenshot / Streaming:
LanFiltrator 1.5 Beta III
ProRat 1.6
ProRat 1.8
Infector NG 2004 2.1.0
Optix Pro 1.33
Beast 2.07
Flux 1.0
CIA 1.3
ProRat 1.9
Y3K rat 2k5 RC 1.0
DARKMOON 4.11 / 4.11 Private Edition
TrojNa$ 1.0
Bersek 1.1
Turkojan 3.0
Bifrost 1.2.1
Hav-Rat 1.2
Bandook 1.35
Poison Ivy 2.3.0
Hav-Rat 1.3.2
sharK 2.4.0 Fwb+
Nuclear RAT 2.1.0
Poison Ivy 2.3.2
Turkojan 4
Turkojan 4.0
sharK 3.1 fwb++
Lost Door 3.0 Stable
SynRAT 4.0.1
Cerberus 1.0 Beta
Cerberus 1.01 Beta
Cerberus 1.02 Beta
SynRAT 4.3.1-A-1
Apocalypse RAT 1.4
Cerberus 1.03.4
Spy-Net 2.6
DarkComet RAT 1.3
Cerberus 1.03.5 Beta
DarkComet RAT 2.0 RC4
CyberGate 1.04.8
Lost Door 4.3.1
DarkComet RAT 2.0 RC7
Schwarze Sonne 1.0
Lost Door 5.1
Coolvibes 1 Update 8
Xtreme RAT 2.9
DarkComet RAT 5.3
DarkComet RAT 5.3.1
NjRat 0.7d
Quasar 1.0
Lost Door 9.2 Aws