: Full file system browsing, remote shell access, and process management.
The CrystalRAT.zip file is often the payload delivered through various infection vectors:
: "Prank" features such as hiding the taskbar, opening websites, or playing sounds to harass the user.
Distribution & Execution
: Distributed via spear-phishing emails or Signal messages with malicious attachments (e.g., DarkTortilla loaders or macro-enabled Word documents).
: Harvesting credentials from web browsers, FTP clients, and clipboards.
: Disguised as legitimate software like Microsoft KMS activation tools or phone number generators.
: Real-time keylogging, capturing screenshots, and recording via the microphone or webcam.