Symbol: win.nightshade_c2
Common name: NightshadeC2


According to eSentire, NightshadeC2 demonstrates an extensive capability set, including: reverse shell via Command Prompt/PowerShell; download and execution of DLL or EXE files; self-deletion; remote control; screen capture; hidden web browsers; keylogging; and clipboard content capture. Certain variants have been found with stealing capabilities that enable the extraction of browser passwords and cookies from victim systems for both Gecko- and Chromium-based browsers.

References
2025-09-04, eSentire, eSentire Threat Response Unit (TRU): New Botnet Emerges from the Shadows: NightshadeC2

There is no Yara-Signature yet.