Application / Window Manager Feature

Description

The Application and Window Manager feature in malware provides a twofold advantage for attackers. On one hand, it allows them to monitor the active applications and open windows on a compromised system, serving as a powerful surveillance tool. By keeping tabs on what websites are being browsed or what chat applications are in use, attackers can gain insights into the victim's behavior, interests, and communication patterns. This information is especially useful for more targeted attacks like spear-phishing, as it enables the attacker to customize deceptive messages based on whom the target user is talking to or what they are discussing.

On the other hand, this feature can also be used to disrupt user activities by forcibly closing applications or windows. Such disruptions can serve as a diversionary tactic, diverting attention away from other, more covert activities the malware may be conducting in the background. Whether it's used for close surveillance or disruptive actions, the Application and Window Manager feature provides attackers with a nuanced capability to both observe and influence user behavior, making it a versatile tool in a well-rounded malware arsenal.

Categories	Disruption, Spy / Surveillance
Dangerousness	Low

Associated with Releases

Version	Origins	Authors	Languages	Release Date
Back Orifice 1.20	United States 🇺🇸	Cult of the Dead Cow (cDc)	C++	Jul, 1998
NetBus 1.70	Sweden 🇸🇪	cf	Delphi	Nov, 1998
SubSeven 1.0	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Feb, 1999
SubSeven 1.1	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Mar, 1999
SubSeven 1.2	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Mar, 1999
SubSeven 1.3	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Mar, 1999
SubSeven 1.4	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Mar, 1999
SubSeven 1.5	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Apr, 1999
SubSeven 1.6	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Apr, 1999
SubSeven 1.7	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	May, 1999
SubSeven 1.8	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	May, 1999
SubSeven 1.9	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Jun, 1999
SubSeven 1.9 Apocalypse	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Aug, 1999
SubSeven 2.0	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Sep, 1999
SchoolBus 2.0	Turkey 🇹🇷	Serdar Kabaoglu	Delphi	Oct, 1999
SubSeven 2.1	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Nov, 1999
SubSeven 2.1.1 GOLD edition	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Feb, 2000
SubSeven 2.1.2 M.U.I.E	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Apr, 2000
Y3K rat 1.0	Greece 🇬🇷	firelarm , Chucky	Delphi	May, 2000
SubSeven 2.1.3 BONUS	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Jun, 2000
SubSeven 2.1.4 DEFCON 8	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Jul, 2000
SubSeven 2.2	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Mar, 2001
Y3K rat 1.6 MS	Greece 🇬🇷	firelarm , Chucky	Delphi	Jul, 2001
Optix Pro 1.0	Unknown 🏴‍☠️	s13az3	Delphi	Apr, 2002
Net-Devil 1.5	Unknown 🏴‍☠️	Nilez	Delphi	Jul, 2002
MoSucker 3.0b	Germany 🇩🇪	Superchachi	Visual Basic 6 (VB6)	Nov, 2002
Beast 1.91	Romania 🇷🇴	Tataye	Delphi	Jan, 2003
SubSeven 2.1.5 Legends	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Feb, 2003
Beast 2.01	Romania 🇷🇴	Tataye	Delphi	Jun, 2003
Optix Pro 1.32	Unknown 🏴‍☠️	s13az3 , xMs	Delphi	Sep, 2003
CIA 1.2	England 🏴󠁧󠁢󠁥󠁮󠁧󠁿	Alchemist	Visual Basic 6 (VB6)	Sep, 2003
Beast 2.02	Romania 🇷🇴	Tataye	Delphi	Sep, 2003
Hue 1.0	Unknown 🏴‍☠️	B33T	Visual Basic 6 (VB6)	Jan, 2004
Nuclear RAT 1.0 Beta 5	Brazil 🇧🇷	Caesar2k	Delphi	Feb, 2004
ProRat 1.4	Turkey 🇹🇷	HighLander , ATmaCA	Borland C++	Feb, 2004
ProRat 1.6	Turkey 🇹🇷	HighLander , ATmaCA	Borland C++	Mar, 2004
ProRat 1.8	Turkey 🇹🇷	HighLander , ATmaCA	Borland C++	Apr, 2004
Infector NG 2004 2.1.0	Belgium 🇧🇪, United Kingdom 🇬🇧	fc , Infiltration	Delphi	May, 2004
Beast 2.07	Romania 🇷🇴	Tataye	Delphi	Aug, 2004
Optix Pro 1.33	Unknown 🏴‍☠️	s13az3	Delphi	Aug, 2004
Flux 1.0	Unknown 🏴‍☠️	Gargamel	C++	Aug, 2004
ProRat 1.9	Turkey 🇹🇷	HighLander , ATmaCA	Borland C++	Aug, 2004
CIA 1.3	England 🏴󠁧󠁢󠁥󠁮󠁧󠁿	Alchemist	Visual Basic 6 (VB6)	Dec, 2004
DARKMOON 4.11 / 4.11 Private Edition	Spain 🇪🇸	shukisnike	Delphi	Jun, 2005
Bifrost 1.2.1	Sweden 🇸🇪	ksv	C++	Jan, 2007
Hav-Rat 1.2	Sweden 🇸🇪	Havalito	Delphi	Feb, 2007
Bandook 1.35	Lebanon 🇱🇧	PrinceAli	Delphi, C++	Apr, 2007
Poison Ivy 2.3.0	Sweden 🇸🇪	Shapeless	Delphi, MASM	Jun, 2007
sharK 2.4.0 Fwb+	Germany 🇩🇪	sNiper109 , rockZ	Visual Basic 6 (VB6)	Aug, 2007
Nuclear RAT 2.1.0	Brazil 🇧🇷	Caesar2k	Delphi	Sep, 2007
Poison Ivy 2.3.2	Sweden 🇸🇪	Shapeless	Delphi, MASM	Jan, 2008
Turkojan 4	Turkey 🇹🇷	FµNGµ§	Delphi	Feb, 2008
sharK 3.1 fwb++	Germany 🇩🇪	sNiper109 , rockZ	Visual Basic 6 (VB6)	Mar, 2008
Lost Door 3.0 Stable	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Mar, 2009
PrjRAPTOR 1.8	United States 🇺🇸	Ryan.M	Visual Basic 6 (VB6)	Jul, 2009
Cerberus 1.0 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
Cerberus 1.01 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
Cerberus 1.02 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
Apocalypse RAT 1.4	Turkey 🇹🇷	ap0calypse	Delphi	Aug, 2009
Cerberus 1.03.4	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Sep, 2009
Spy-Net 2.6	Brazil 🇧🇷	Raphael	Delphi	Oct, 2009
DarkComet RAT 1.3	France 🇫🇷	DarkCoderSc		Nov, 2009
Cerberus 1.03.5 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Dec, 2009
DarkComet RAT 2.0 RC4	France 🇫🇷	DarkCoderSc	Delphi	Mar, 2010
CyberGate 1.04.8	United States 🇺🇸	johnyk	Delphi	Apr, 2010
Lost Door 4.3.1	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Apr, 2010
Lost Door 5.1	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Oct, 2010
Coolvibes 1 Update 8	Spain 🇪🇸	Thor	Delphi	May, 2011
Xtreme RAT 2.9	Brazil 🇧🇷	Raphael	Delphi	Jul, 2011
DarkComet RAT 5.3.1	France 🇫🇷	DarkCoderSc	Delphi	Jun, 2012
Lost Door 9.2 Aws	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Jan, 2022