Description

The System Information Gathering feature in malware serves as an initial reconnaissance tool, collecting a wealth of details about the compromised system's hardware and software configurations. This can include data such as operating system version, installed applications, network interfaces, and even the presence of security solutions. The gathered information can be pivotal for attackers in understanding the landscape they are operating in and in identifying vulnerabilities or weak spots for further exploitation. Significantly, the details about user privileges, running processes, and system configurations can reveal opportunities for privilege escalation. By knowing what level of access is available or what security patches may be missing, attackers can tailor their subsequent actions to exploit these weak points, thus ensuring a more effective and deeper level of system compromise. In essence, System Information Gathering provides a foundational knowledge base that guides the rest of the malware's activities, making it a crucial first step in a targeted attack.


Categories: Spy / Surveillance, Lateral Movements, Privilege Escalation
Dangerousness: High

Existing Techniques

Associated with Releases

Version | Origins | Authors | Languages | Release Date
Lost Door 3.0 Stable | Tunisia 🇹🇳 | OussamiO | Visual Basic 6 (VB6) | Mar, 2009
PrjRAPTOR 1.8 | United States 🇺🇸 | Ryan.M | Visual Basic 6 (VB6) | Jul, 2009
Cerberus 1.0 Beta | United States 🇺🇸, United Kingdom 🇬🇧 | Protocol, Steve10120, 2sly, Sam | Delphi | Aug, 2009
Cerberus 1.01 Beta | United States 🇺🇸, United Kingdom 🇬🇧 | Protocol, Steve10120, 2sly, Sam | Delphi | Aug, 2009
Cerberus 1.02 Beta | United States 🇺🇸, United Kingdom 🇬🇧 | Protocol, Steve10120, 2sly, Sam | Delphi | Aug, 2009
SynRAT 4.3.1-A-1 | France 🇫🇷 | DarkCoderSc | Assembly, Delphi | Aug, 2009
Apocalypse RAT 1.4 | Turkey 🇹🇷 | ap0calypse | Delphi | Aug, 2009
Cerberus 1.03.4 | United States 🇺🇸, United Kingdom 🇬🇧 | Protocol, Steve10120, 2sly, Sam | Delphi | Sep, 2009
Spy-Net 2.6 | Brazil 🇧🇷 | Raphael | Delphi | Oct, 2009
DarkComet RAT 1.3 | France 🇫🇷 | DarkCoderSc | | Nov, 2009
Cerberus 1.03.5 Beta | United States 🇺🇸, United Kingdom 🇬🇧 | Protocol, Steve10120, 2sly, Sam | Delphi | Dec, 2009
DarkComet RAT 2.0 RC4 | France 🇫🇷 | DarkCoderSc | Delphi | Mar, 2010
CyberGate 1.04.8 | United States 🇺🇸 | johnyk | Delphi | Apr, 2010
Lost Door 4.3.1 | Tunisia 🇹🇳 | OussamiO | Visual Basic 6 (VB6) | Apr, 2010
DarkComet RAT 2.0 RC7 | France 🇫🇷 | DarkCoderSc | Assembly, Delphi | Jun, 2010
Schwarze Sonne 1.0 | Unknown 🏴‍☠️, Germany 🇩🇪, Turkey 🇹🇷 | ap0calypse, Slayer616, Counterstrikewi | Delphi | Jun, 2010
Lost Door 5.1 | Tunisia 🇹🇳 | OussamiO | Visual Basic 6 (VB6) | Oct, 2010
Coolvibes 1 Update 8 | Spain 🇪🇸 | Thor | Delphi | May, 2011
Xtreme RAT 2.9 | Brazil 🇧🇷 | Raphael | Delphi | Jul, 2011
DarkComet RAT 5.3 | France 🇫🇷 | DarkCoderSc | Assembly, Delphi | Jun, 2012
DarkComet RAT 5.3.1 | France 🇫🇷 | DarkCoderSc | Assembly, Delphi | Jun, 2012
Quasar 1.0 | Unknown 🏴‍☠️ | MaxXor | C# | Aug, 2015
Lost Door 9.2 Aws | Tunisia 🇹🇳 | OussamiO | Visual Basic 6 (VB6) | Jan, 2022