Difference between revisions of "Andromeda"
Jump to navigation
Jump to search
| (3 intermediate revisions by the same user not shown) | |||
| Line 7: | Line 7: | ||
* SOCKS4 proxy module | * SOCKS4 proxy module | ||
* Rootkits | * Rootkits | ||
|Alias=Gamarue, | |||
|Target=Microsoft Windows | |Target=Microsoft Windows | ||
|Vector=Smoke Bot, | |||
|UserAgent=Mozilla/4.0 | |UserAgent=Mozilla/4.0 | ||
|CCProtocol=HTTP | |CCProtocol=HTTP | ||
|Feature=File download, | |Feature=File download, | ||
|BeginYear=09 | |BeginYear=2011-09 | ||
|Group=Downloading, | |||
|Group= | |||
|Fonctionnalités=* Anti-VM/Anti-Debugging | |Fonctionnalités=* Anti-VM/Anti-Debugging | ||
* Sandbox Detection | * Sandbox Detection | ||
| Line 28: | Line 29: | ||
* Keylogger : 200$ | * Keylogger : 200$ | ||
* Ring3 Rootkit : 300$ | * Ring3 Rootkit : 300$ | ||
|Etat= | |Etat= | ||
|Alias1=Gamarue | |Alias1=Gamarue | ||
|Vendor1=Microsoft | |Vendor1=Microsoft | ||
|Victime4= | |Victime4= | ||
}} | }} | ||
Latest revision as of 16:02, 19 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
| Andromeda | |
|---|---|
| Alias | Gamarue |
| Group | Downloading |
| Parent | |
| Sibling | |
| Family | |
| Relations | Variants: Sibling of: |
| Target | Microsoft Windows |
| Origin | |
| Distribution vector | Smoke Bot |
| UserAgent | Mozilla/4.0 |
| CCProtocol | HTTP (Centralized) |
| Activity | 2011-09 / |
| Status | |
| Language | |
| Programming language | |
| Operation/Working group | |
Introduction
Andromeda est un botnet basé sur HTTP qui inclus
Plugins :
- Keyloggers
- Form grabbers
- SOCKS4 proxy module
- Rootkits
Features