Rico Rodriguez

[Hidden Content]

[Hidden Content]

[Hidden Content]

Features: Remote command execution Silent background process Download and run file (Hidden) Safe Mode startup UAC Bypass Will automatically connect to the server Data sent and received is encrypted (substitution cipher) Files are hidden File Infector Symmetric Cryptography Hijack Execution Flow: DLL Side-Loading Deobfuscate/Decode Files or Information Input Capture Keylogging Command and Scripting Interpreter Installed Antivirus shown to server Indicator Removal: Clear Windows Event Logs Indicator Removal: File Deletion Easily spread malware through download feature Startup info doesn't show in msconfig or other startup checking programs like CCleaner Disable Task Manager TCP Connections Non-Application Layer Protocol ActiveWindows StartupManager Registry Editor Process Manager Clipboard Manager Shell Installed Programs DDos Attack VB Net Compiler Location Manager [GPS - IP] File Manager Client [Restart - Close - Uninstall - Update - Block - Note] Power [Shutdown - Restart - Logoff] More [Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]

[Hidden Content]