HackTool:Win64/JuicyPotato!rfn
HackTool:Win64/JuicyPotato!rfn is not self-propagating malware; it is a local privilege escalation tool for 64-bit Windows. Its intended function is to exploit architectural weaknesses in Windows through the Component Object Model (COM), which is a common way to elevate a threat actor's access. Once an actor has gained a foothold on the device with a standard or service account, JuicyPotato can escalate privileges to the highest level, "NT AUTHORITY\SYSTEM", for total control over the targeted device. The availability of its many variant exploits has led to JuicyPotato being used against a wider array of COM components. While JuicyPotato and its software generally do not contain a destructive payload, the ability to take over a device is by itself the reason major antivirus products, such as Microsoft Defender, detect and classify it as a malicious hack tool for removal.