HorusEyes RAT

The HorusEyes RAT is a Remote Access Trojan written in Visual Basic .NET. Microsoft released Visual Basic .NET in 2002 as a successor to the original Visual Basic, and the language is described as a multi-paradigm, object-oriented programming language.

HorusEyes is equipped with a wide range of threatening functions that could wreak havoc on any infected computer. Once deployed, the HorusEyes RAT can be instructed to establish a persistence mechanism that ensures the threat is loaded after each boot. This is achieved by setting a task within Task Scheduler and then copying and hiding its files inside the local user directory. It can then be commanded to inject unmanaged DLL files, set up a port listener routine, turn off, reboot, or hibernate the computer, or cause a Blue Screen of Death (BSOD) critical error. The threat can also manipulate the processes running on the compromised system by killing, resuming, or pausing any specified processes.
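A defensive check for the persistence pattern described above, as an added example that is not part of the original article: it reads Task Scheduler XML definitions (the format produced by `schtasks /query /xml`) and flags tasks whose action runs a program from inside a user profile. The task names and paths in the samples are constructed placeholders, not HorusEyes indicators.

```python
import re
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Paths inside a user profile, written literally or via common environment variables.
USER_DIR = re.compile(
    r'(?i)^"?(?:[a-z]:\\users\\[^\\]+\\|%(?:userprofile|appdata|localappdata|temp)%\\)'
)

def review_task(xml_data):
    """Return findings for one task definition (str, or bytes for a raw export)."""
    root = ET.fromstring(xml_data)
    name = root.findtext("t:RegistrationInfo/t:URI", default="(unnamed)", namespaces=NS)
    triggers = root.find("t:Triggers", NS)
    # Boot or logon triggers are what make a task survive a restart.
    startup = triggers is not None and any(
        triggers.find(f"t:{kind}", NS) is not None
        for kind in ("BootTrigger", "LogonTrigger")
    )
    findings = []
    for cmd in root.iterfind("t:Actions/t:Exec/t:Command", NS):
        path = (cmd.text or "").strip()
        if USER_DIR.match(path):
            findings.append({"task": name, "command": path, "runs_at_startup": startup})
    return findings

# Constructed sample: logon-triggered task launching a binary from a user profile.
SAMPLE_SUSPICIOUS = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo><URI>\ExampleUpdater</URI></RegistrationInfo>
  <Triggers><LogonTrigger><Enabled>true</Enabled></LogonTrigger></Triggers>
  <Actions><Exec><Command>C:\Users\alice\AppData\Local\example\updater.exe</Command></Exec></Actions>
</Task>"""

# Constructed sample: scheduled maintenance task running from Program Files.
SAMPLE_BENIGN = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo><URI>\ExampleVendor\Maintenance</URI></RegistrationInfo>
  <Triggers><CalendarTrigger><StartBoundary>2024-01-01T03:00:00</StartBoundary></CalendarTrigger></Triggers>
  <Actions><Exec><Command>C:\Program Files\ExampleVendor\maint.exe</Command></Exec></Actions>
</Task>"""

if __name__ == "__main__":
    for sample in (SAMPLE_SUSPICIOUS, SAMPLE_BENIGN):
        for finding in review_task(sample):
            print(finding)
```

Legitimate per-user software also registers tasks under the profile directory, so a finding is a lead to triage rather than a verdict.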

The most threatening aspect of the HorusEyes RAT, however, is its ability to harvest passwords. The threat can attempt to recover saved passwords and browsing history from over 35 Chromium-based Web browsers. It can also obtain Wi-Fi passwords. All gathered data is saved in a file (passwords are stored inside a .csv file) that is then exfiltrated to a location designated by the hackers.
