Go-based Windows remote-access trojan with credential/browser-theft modules. Capabilities:* screen capture/H.264 streaming* keyboard/mouse control* hidden desktop* file upload/download/run* clipboard access* process listing* Chrome profile cloning* cookie extraction/injection* Chrome App-Bound protection bypass logicEmbeds ChromElevator tool.
There is no Yara-Signature yet.
If your designated proposal does not fit in any other category, feel free to write a free-text in the comment field below. Changes regarding references should be proposed on the Malpedia library page.
Your suggestion will be reviewed before being published. Thank you for contributing!
YYYY-MM-DD
YYYY-MM
YYYY