| Port No | 12624 |
| Service Name | ButtMan |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | ButtMan is a RAT. Once installed, ButtMan server version 0.9n adds the registry key: Whatever the filename is to ensure that it runs whenever the system starts. By default, ButtMan server v09.n listens on Transmission Control Protocol (TCP) port 12624 |
| Reference Link | J-Security Center More Information |
| Attack | Name:Buttman . A ButtMan server, once installed, opens a backdoor and enables remote attackers to perform malicious actions including: 1. Capture screenshots 2. Chat 3. Manage the filesystem 4. E-mail notification 5. Log keys 6. Obtain system information 7. Edit the registry |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.