Description
A Port Scanner, when integrated into malware, acts as a reconnaissance tool. Its core function is to probe a system or network, identifying open ports and the services listening on them. By scanning specific port ranges, the malware can discern potential gateways into further system exploitation. For cybercriminals, this feature is invaluable during post-exploitation stages, particularly for privilege escalation or lateral movement. If a high-privilege service is detected, it could be a prime target, especially if it's susceptible to known vulnerabilities or if the malware has already harvested relevant credentials. In essence, a Port Scanner aids malicious actors in widening their sphere of influence within a compromised environment.
| Categories | Privilege Escalation, Lateral Movements |
| Dangerousness | Medium |
Associated with Releases
| Version | Origins | Authors | Languages | Release Date |
|---|---|---|---|---|
 NetBus 1.70
|
Sweden πΈπͺ | cf | Delphi | Nov, 1998 |
 Beast 2.01
|
Romania π·π΄ | Tataye | Delphi | Jun, 2003 |
 Optix Pro 1.32
|
Unknown π΄ββ οΈ | s13az3 , xMs | Delphi | Sep, 2003 |
 Beast 2.02
|
Romania π·π΄ | Tataye | Delphi | Sep, 2003 |
 Beast 2.07
|
Romania π·π΄ | Tataye | Delphi | Aug, 2004 |
 Optix Pro 1.33
|
Unknown π΄ββ οΈ | s13az3 | Delphi | Aug, 2004 |
 Nuclear RAT 2.1.0
|
Brazil π§π· | Caesar2k | Delphi | Sep, 2007 |
 DarkComet RAT 5.3.1
|
France π«π· | DarkCoderSc | Delphi | Jun, 2012 |