Saturday, July 28, 2018

Moker Malware, 3 Minute Profile Part 2

Moker is a remote access Trojan (RAT) capable of seizing complete control of the victim system. It generates a new administrative user account and opens an RDP channel to allow the adversary to remotely access the infected system. If the remote desktop service is disabled, the malware will attempt to enable it as a background service. Moker establishes a persistent residence in the operating system files so that it appears to be a legitimate OS-level process with system-wide privileges and access to system settings. In operation, the malware injects its malicious code into the legitimate code of different system processes.
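The account-creation and RDP-enabling behaviour described above can be hunted for by correlating standard Windows events. The following is an added example, not part of the original post and not a Moker-specific signature: it flags hosts where a new account (Security event 4720) is added to the built-in Administrators group (4732) and the Remote Desktop service start type is changed (System event 7040) within a short time. The event records are constructed and simplified, and the 10-minute window is an assumption.

```python
from datetime import datetime, timedelta

ADMINS_SID = "S-1-5-32-544"     # built-in Administrators group
WINDOW = timedelta(minutes=10)  # assumed correlation window

# Constructed sample events with simplified field names (not real captures).
NEW_SID = "S-1-5-21-1111-2222-3333-1005"
EVENTS = [
    {"time": "2018-07-28T10:00:05", "host": "WS01", "id": 4720, "sid": NEW_SID},
    {"time": "2018-07-28T10:00:07", "host": "WS01", "id": 4732,
     "sid": NEW_SID, "group_sid": ADMINS_SID},
    {"time": "2018-07-28T10:01:30", "host": "WS01", "id": 7040,
     "service": "TermService", "new_start": "auto start"},
    # Benign-looking noise: account created but never promoted.
    {"time": "2018-07-28T11:00:00", "host": "WS02", "id": 4720,
     "sid": "S-1-5-21-4444-5555-6666-1010"},
    # RDP enabled by itself, with no new administrator on the host.
    {"time": "2018-07-28T12:00:00", "host": "WS03", "id": 7040,
     "service": "TermService", "new_start": "demand start"},
]

def correlate(events, window=WINDOW):
    """Return (host, account SID) pairs where a newly created account became
    a local administrator and RDP was enabled on that host within `window`."""
    created, promoted, rdp_on = {}, {}, {}
    for e in events:
        t = datetime.fromisoformat(e["time"])
        if e["id"] == 4720:
            created[(e["host"], e["sid"])] = t
        elif e["id"] == 4732 and e.get("group_sid") == ADMINS_SID:
            promoted[(e["host"], e["sid"])] = t
        elif (e["id"] == 7040 and e.get("service") == "TermService"
              and e.get("new_start") != "disabled"):
            rdp_on.setdefault(e["host"], []).append(t)
    hits = []
    for key, t_created in created.items():
        t_prom = promoted.get(key)
        # Promotion must follow creation, inside the window.
        if t_prom is None or not timedelta(0) <= t_prom - t_created <= window:
            continue
        # RDP may be enabled shortly before or after the account appears.
        if any(abs(t - t_created) <= window for t in rdp_on.get(key[0], [])):
            hits.append(key)
    return hits

if __name__ == "__main__":
    print(correlate(EVENTS))
```

Each of the three events also occurs during legitimate administration, so the value is in the combination on one host in a short window.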
