Difference between revisions of "Andromeda"

From Botnets.fr
Jump to navigation Jump to search
m (1 revision imported)
 
m (Text replacement - "CC1=" to "CCProtocol=")
Line 25: Line 25:
  * Ring3 Rootkit : 300$
  * Ring3 Rootkit : 300$
|UserAgent=Mozilla/4.0
|UserAgent=Mozilla/4.0
|CC1=HTTP
|CCProtocol=HTTP
|OS1=Microsoft Windows
|OS1=Microsoft Windows
|Etat=Inconnu
|Etat=Inconnu

Revision as of 16:05, 1 February 2015

(Botnet) Link to the old Wiki page : [1] / Google search: [2]

Andromeda
Alias
Group
Parent
Sibling
Family
Relations Variants:

Sibling of:
Parent of:
Distribution of: GamaPoS, Gamarue dropping Lethic bot, Lethic, New GamaPoS malware piggybacks on Andromeda botnet; spreads in 13 US states, New point-of-sale malware distributed by Andromeda botnet
Campaigns: Anunak

Target
Origin
Distribution vector
UserAgent Mozilla/4.0
CCProtocol HTTP (Centralized)
Activity /
Status
Language
Programming language
Operation/Working group

Introduction

Andromeda est un botnet basé sur HTTP qui inclus

Plugins :

  • Keyloggers
  • Form grabbers
  • SOCKS4 proxy module
  • Rootkits

Features

Associated images

Checksums / AV databases

Publications

 AuthorEditorYear
Andromeda 2.7 featuresSuweera De SouzaFortinet2014
Exploring the market for stolen passwordsBrian KrebsBrian Krebs2012
Gamarue dropping Lethic botAmandeep Kumar
Nirmal Singh		Zscaler2015
Get gamed and rue the day...Methusela Cebrian FerrerMicrosoft2012
Inside Andromeda Bot v2.06 Webpanel / AKA Gamarue - Botnet Control PanelKafeine2012
Large-scale analysis of malware downloadersChristian Rossow
Christian Dietrich
Herbert Bosz		DIMVA2012
MSRT march: three hioles in oneShawn WangMicrosoft2012
Reversing Andromeda-Gamarue botnetRashid BhattGarage 4 Hackers2013
The Andromeda/Gamarue botnet is on the rise againPaul RascagnèresGData2015
Retrieved from "https://www.botnets.fr/index.php?title=Andromeda&oldid=922"