File Manager - Allows the attacker to delete, edit, rename, copy, paste, download and create new folders/files, in addition to navigating the file system.
Process Manager - Allows the attacker to list, suspend, resume, kill and kill & delete processes.
Remote Desktop - Allows the attacker to start a Remote Desktop session.
Remote Cam - Allows the attacker to obtain access to the victim's system camera and display a live feed.
Remote Shell - Opens a reverse shell on the victim, which allows the attacker to input commands directly on the system.
Registry - Allows the attacker to manipulate the victim's system registry (create, edit, delete keys and values).
Keylogger - Enables the key logging function on the victim; logs are automatically shipped back to the C&C server.
Get Passwords - Allows the attacker to collect stored passwords in various browsers.
Under the Proxy Tab:
Victim Proxy - Allows the attacker to use the victim as a proxy for network traffic.
Restart Proxy - Restarts the proxy on the selected victim.
Send Msgbox - Allows the attacker to send a pop-up text box to the victim.
Under the ‘Run File’ Tab:
From Link - Allows the attacker to provide a link to a file and have it executed on the victim’s system.
From Disk - Allows the attacker to upload a file to the victim and have it executed on the victim’s system.
Script - Allows the attacker to create a script that is then executed on the victim’s system.
Format System - Allows the attacker to format the victim’s system.
Under the ‘Website’ Tab:
Open Website - Opens a website of the attacker’s choosing.
Block Website - Blocks a website of the attacker’s choosing on the victim machine.
DDOS Attack - Performs a DDOS attack on a victim of the attacker’s choosing.
Open Chat - Opens a chat window on the victim’s machine.
Spread in Hard Drive
Under the ‘Computer’ Tab:
Restart - Restarts the victim’s computer.
Shutdown - Shuts down the victim’s computer.
Under the ‘Server’ Tab:
Update - Enables the attacker to update the malware on the victim via upload or a link.
Uninstall - Allows the attacker to uninstall the malware.
Restart - Allows the attacker to restart the malware.
Close - May allow the attacker to close the malware.
Disconnect - Allows the attacker to sever the connection between them.
Rename - Allows the attacker to rename the malware on the victim’s system.
Open Folder - Opens the local folder on the attacker’s machine where data collected from the victim’s system is stored.
Builder - Allows the attacker to build malware that will connect back to the server.
No-ip - Integrated with no-ip (A Dynamic DNS Service)
Exe to convert jpg - Allows the attacker to convert an exe to a jpg, score, mp3, wav, txt, mp4 or flv file.