Process Enumeration Feature

Description

The Process Enumeration feature in malware provides attackers with a detailed inventory of all running processes on a compromised system. This is the digital equivalent of a burglar quietly taking stock of valuables in a home. By cataloging active processes, the malware gains insights into the software environment, including potential vulnerabilities and operational characteristics of the target system. This information can be invaluable for escalating privileges, inserting additional payloads, or avoiding detection by identifying security software that may be running. Process Enumeration thereby serves as a crucial intelligence-gathering step, arming attackers with the necessary data to tailor their subsequent actions for maximum impact and minimum detection.

Categories	System Management, Disruption
Dangerousness	Medium

Associated with Releases

Version	Origins	Authors	Languages	Release Date
Back Orifice 1.20	United States 🇺🇸	Cult of the Dead Cow (cDc)	C++	Jul, 1998
Back Orifice 2000 (BO2K) 1.0	United States 🇺🇸	Cult of the Dead Cow (cDc)	C++	Jul, 1999
SubSeven 2.1	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Nov, 1999
SubSeven 2.1.1 GOLD edition	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Feb, 2000
SubSeven 2.1.2 M.U.I.E	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Apr, 2000
SubSeven 2.1.3 BONUS	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Jun, 2000
SubSeven 2.1.4 DEFCON 8	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Jul, 2000
Y3K rat 1.5	Greece 🇬🇷	firelarm , Chucky	Delphi	Jan, 2001
SubSeven 2.2	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Mar, 2001
Y3K rat 1.6 MS	Greece 🇬🇷	firelarm , Chucky	Delphi	Jul, 2001
Optix Pro 1.0	Unknown 🏴‍☠️	s13az3	Delphi	Apr, 2002
Net-Devil 1.5	Unknown 🏴‍☠️	Nilez	Delphi	Jul, 2002
MoSucker 3.0b	Germany 🇩🇪	Superchachi	Visual Basic 6 (VB6)	Nov, 2002
Beast 1.91	Romania 🇷🇴	Tataye	Delphi	Jan, 2003
SubSeven 2.1.5 Legends	Romania 🇷🇴, Canada 🇨🇦	Mobman	Delphi	Feb, 2003
Beast 2.01	Romania 🇷🇴	Tataye	Delphi	Jun, 2003
LanFiltrator 1.1 Fix 1	Australia 🇦🇺	Read101	Delphi	Aug, 2003
Optix Pro 1.32	Unknown 🏴‍☠️	s13az3 , xMs	Delphi	Sep, 2003
CIA 1.2	England 🏴󠁧󠁢󠁥󠁮󠁧󠁿	Alchemist	Visual Basic 6 (VB6)	Sep, 2003
Beast 2.02	Romania 🇷🇴	Tataye	Delphi	Sep, 2003
Sinique 1.0	Unknown 🏴‍☠️	xtremeNTL	Delphi	Oct, 2003
Fearless Lite 1.01	Australia 🇦🇺, France 🇫🇷	Read101 , Triforce	Delphi	Nov, 2003
Hue 1.0	Unknown 🏴‍☠️	B33T	Visual Basic 6 (VB6)	Jan, 2004
Nuclear RAT 1.0 Beta 5	Brazil 🇧🇷	Caesar2k	Delphi	Feb, 2004
ProRat 1.4	Turkey 🇹🇷	HighLander , ATmaCA	Borland C++	Feb, 2004
LanFiltrator 1.5 Beta III	Australia 🇦🇺	Read101	Delphi	Feb, 2004
ProRat 1.6	Turkey 🇹🇷	HighLander , ATmaCA	Borland C++	Mar, 2004
ProRat 1.8	Turkey 🇹🇷	HighLander , ATmaCA	Borland C++	Apr, 2004
Infector NG 2004 2.1.0	Belgium 🇧🇪, United Kingdom 🇬🇧	fc , Infiltration	Delphi	May, 2004
Beast 2.07	Romania 🇷🇴	Tataye	Delphi	Aug, 2004
Optix Pro 1.33	Unknown 🏴‍☠️	s13az3	Delphi	Aug, 2004
Flux 1.0	Unknown 🏴‍☠️	Gargamel	C++	Aug, 2004
ProRat 1.9	Turkey 🇹🇷	HighLander , ATmaCA	Borland C++	Aug, 2004
Institution 2004 0.4.0	United States 🇺🇸	Aphex	Delphi	Oct, 2004
CIA 1.3	England 🏴󠁧󠁢󠁥󠁮󠁧󠁿	Alchemist	Visual Basic 6 (VB6)	Dec, 2004
Y3K rat 2k5 RC 1.0	Germany 🇩🇪	SHA	Delphi	Jun, 2005
DARKMOON 4.11 / 4.11 Private Edition	Spain 🇪🇸	shukisnike	Delphi	Jun, 2005
Bifrost 1.2.1	Sweden 🇸🇪	ksv	C++	Jan, 2007
Hav-Rat 1.2	Sweden 🇸🇪	Havalito	Delphi	Feb, 2007
Bandook 1.35	Lebanon 🇱🇧	PrinceAli	Delphi, C++	Apr, 2007
Poison Ivy 2.3.0	Sweden 🇸🇪	Shapeless	Delphi, MASM	Jun, 2007
Hav-Rat 1.3.2	Sweden 🇸🇪	Havalito	Delphi	Jul, 2007
sharK 2.4.0 Fwb+	Germany 🇩🇪	sNiper109 , rockZ	Visual Basic 6 (VB6)	Aug, 2007
Nuclear RAT 2.1.0	Brazil 🇧🇷	Caesar2k	Delphi	Sep, 2007
Poison Ivy 2.3.2	Sweden 🇸🇪	Shapeless	Delphi, MASM	Jan, 2008
Turkojan 4	Turkey 🇹🇷	FµNGµ§	Delphi	Feb, 2008
sharK 3.1 fwb++	Germany 🇩🇪	sNiper109 , rockZ	Visual Basic 6 (VB6)	Mar, 2008
SynRAT 2.1	France 🇫🇷	DarkCoderSc	Delphi	Oct, 2008
Lost Door 3.0 Stable	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Mar, 2009
SynRAT 4.0.1	France 🇫🇷	DarkCoderSc	Delphi	May, 2009
PrjRAPTOR 1.8	United States 🇺🇸	Ryan.M	Visual Basic 6 (VB6)	Jul, 2009
Cerberus 1.0 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
Cerberus 1.01 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
Cerberus 1.02 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
Apocalypse RAT 1.4	Turkey 🇹🇷	ap0calypse	Delphi	Aug, 2009
Cerberus 1.03.4	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Sep, 2009
Spy-Net 2.6	Brazil 🇧🇷	Raphael	Delphi	Oct, 2009
DarkComet RAT 1.3	France 🇫🇷	DarkCoderSc		Nov, 2009
Cerberus 1.03.5 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Dec, 2009
DarkComet RAT 2.0 RC4	France 🇫🇷	DarkCoderSc	Delphi	Mar, 2010
CyberGate 1.04.8	United States 🇺🇸	johnyk	Delphi	Apr, 2010
Lost Door 4.3.1	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Apr, 2010
Lost Door 5.1	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Oct, 2010
Coolvibes 1 Update 8	Spain 🇪🇸	Thor	Delphi	May, 2011
Xtreme RAT 2.9	Brazil 🇧🇷	Raphael	Delphi	Jul, 2011
DarkComet RAT 5.3.1	France 🇫🇷	DarkCoderSc	Delphi	Jun, 2012
NjRat 0.7d	Kuwait 🇰🇼	njq8	VB .net	Dec, 2013
Lost Door 9.2 Aws	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Jan, 2022