Process Enumeration Feature

Description

The Process Enumeration feature in malware provides attackers with a detailed inventory of all running processes on a compromised system. This is the digital equivalent of a burglar quietly taking stock of valuables in a home. By cataloging active processes, the malware gains insights into the software environment, including potential vulnerabilities and operational characteristics of the target system. This information can be invaluable for escalating privileges, inserting additional payloads, or avoiding detection by identifying security software that may be running. Process Enumeration thereby serves as a crucial intelligence-gathering step, arming attackers with the necessary data to tailor their subsequent actions for maximum impact and minimum detection.

Categories	System Management, Disruption
Dangerousness	Medium

Associated with Releases

Version	Origins	Authors	Languages	Release Date
Bandook 1.35	Lebanon 🇱🇧	PrinceAli	Delphi, C++	Apr, 2007
Poison Ivy 2.3.0	Sweden 🇸🇪	Shapeless	Delphi, MASM	Jun, 2007
Hav-Rat 1.3.2	Sweden 🇸🇪	Havalito	Delphi	Jul, 2007
sharK 2.4.0 Fwb+	Germany 🇩🇪	sNiper109 , rockZ	Visual Basic 6 (VB6)	Aug, 2007
Nuclear RAT 2.1.0	Brazil 🇧🇷	Caesar2k	Delphi	Sep, 2007
Poison Ivy 2.3.2	Sweden 🇸🇪	Shapeless	Delphi, MASM	Jan, 2008
Turkojan 4	Turkey 🇹🇷	FµNGµ§	Delphi	Feb, 2008
Turkojan 4.0	Turkey 🇹🇷	Fungus	Delphi	Mar, 2008
sharK 3.1 fwb++	Germany 🇩🇪	sNiper109 , rockZ	Visual Basic 6 (VB6)	Mar, 2008
SynRAT 2.1	France 🇫🇷	DarkCoderSc	Delphi	Oct, 2008
Lost Door 3.0 Stable	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Mar, 2009
SynRAT 4.0.1	France 🇫🇷	DarkCoderSc	Delphi	May, 2009
PrjRAPTOR 1.8	United States 🇺🇸	Ryan.M	Visual Basic 6 (VB6)	Jul, 2009
Cerberus 1.0 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
Cerberus 1.01 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
Cerberus 1.02 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Aug, 2009
SynRAT 4.3.1-A-1	France 🇫🇷	DarkCoderSc	Assembly, Delphi	Aug, 2009
Apocalypse RAT 1.4	Turkey 🇹🇷	ap0calypse	Delphi	Aug, 2009
Cerberus 1.03.4	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Sep, 2009
Spy-Net 2.6	Brazil 🇧🇷	Raphael	Delphi	Oct, 2009
DarkComet RAT 1.3	France 🇫🇷	DarkCoderSc		Nov, 2009
Cerberus 1.03.5 Beta	United States 🇺🇸, United Kingdom 🇬🇧	Protocol , Steve10120 , 2sly , Sam	Delphi	Dec, 2009
DarkComet RAT 2.0 RC4	France 🇫🇷	DarkCoderSc	Delphi	Mar, 2010
CyberGate 1.04.8	United States 🇺🇸	johnyk	Delphi	Apr, 2010
Lost Door 4.3.1	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Apr, 2010
DarkComet RAT 2.0 RC7	France 🇫🇷	DarkCoderSc	Assembly, Delphi	Jun, 2010
Schwarze Sonne 1.0	Unknown 🏴‍☠️, Germany 🇩🇪, Turkey 🇹🇷	ap0calypse , Slayer616 , Counterstrikewi	Delphi	Jun, 2010
Lost Door 5.1	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Oct, 2010
Coolvibes 1 Update 8	Spain 🇪🇸	Thor	Delphi	May, 2011
Xtreme RAT 2.9	Brazil 🇧🇷	Raphael	Delphi	Jul, 2011
DarkComet RAT 5.3	France 🇫🇷	DarkCoderSc	Assembly, Delphi	Jun, 2012
DarkComet RAT 5.3.1	France 🇫🇷	DarkCoderSc	Assembly, Delphi	Jun, 2012
NjRat 0.7d	Kuwait 🇰🇼	njq8	VB .net	Dec, 2013
Quasar 1.0	Unknown 🏴‍☠️	MaxXor	C#	Aug, 2015
Lost Door 9.2 Aws	Tunisia 🇹🇳	OussamiO	Visual Basic 6 (VB6)	Jan, 2022