Difference between revisions of "Comfoo"

From Botnets.fr
m (1 revision imported)
 
Line 1: Line 1:
{{Botnet
{{Botnet
|UserAgent=Apache 2.0.50 (Unix)
|CCProtocol=HTTP
|Feature=Keylogger, System information gathering, Network information gathering, Screen capture, File upload, File download, File execute, Command shell,
|Group=RAT
|Fonctionnalités=* [[feature::System information gathering|System/network information gathering]]
|Fonctionnalités=* [[feature::System information gathering|System/network information gathering]]
* [[feature::Keylogger]]
* [[feature::Keylogger]]
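Review bot: The added `|Feature=` line ends with a trailing comma after "Command shell", which leaves an empty final item if the template splits the value on commas; drop the comma. The same features (System information gathering, Keylogger) are also listed in the `|Fonctionnalités=` lines just below, so the two lists will need to be kept in sync or one of them dropped.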
Line 10: Line 14:
* [[port::TCP/1689]] - admin relay for commands to victims/reports from victims
* [[port::TCP/1689]] - admin relay for commands to victims/reports from victims
* [[port::TCP/80]], [[port::TCP/443]] - victim relay port
* [[port::TCP/80]], [[port::TCP/443]] - victim relay port
|UserAgent=Apache 2.0.50 (Unix)
|CCProtocol=HTTP
|Target=Unknown
|Status=Unknown
|BeginYear=Unknown
|EndYear=Unknown
|Group=RAT
|Victime4=
|Victime4=
}}
}}

Latest revision as of 12:55, 8 August 2015


Comfoo
Alias:
Group: RAT
Parent:
Sibling:
Family:
Relations:
  Variants:
  Sibling of: Luckycat
  Parent of:
  Distribution of:
  Campaigns:
Target:
Origin:
Distribution vector:
UserAgent: Apache 2.0.50 (Unix)
CCProtocol: HTTP (Centralized)
Activity: /
Status:
Language:
Programming language:
Operation/Working group:

Introduction

Features


Associated images

Checksums / AV databases

Publications

Title | Author | Editor | Year
Secrets of the Comfoo masters | Joe Stewart, Don Jackson | DELL SecureWorks | 2013