AnnLoader
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
AnnLoader | |
---|---|
Alias | |
Group | Downloading |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Microsoft Windows |
Origin | |
Distribution vector | |
UserAgent | |
CCProtocol | HTTP (Centralized) |
Activity | / |
Status | |
Language | |
Programming language | |
Operation/Working group | |
Introduction
AnnLoader is a botnet/loader developed by Russians. It contains 4 modules:
1) ThiefX. Version: 1.3. A password grabber that retrieves the passwords of 14 programs, including:
- Fxp (ftp)
- Total commander (ftp)
- Filezilla (ftp)
- Wsftp (ftp)
- Mozilla Firefox (including version 7) (web, forms)
- Opera (including the latest versions) (web, forms, ftp)
- CuteFTP (ftp)
- Qip2005 (icq)
- Qip2010 (icq, eml)
- QipInfium (icq, eml)
- The bat (eml)
- RDP (rdp)
- Google Chrome (web)
- Safari (web)
2) Substitution. Version: 1.0. It allows editing the victims' hosts file.
3) We can create a module that will be modifying the Webmoney purse id in the clipboard. Contact us on ICQ if interested.
4) MKL Keylogger. Version: 1.1. Dependable keylogger that can send logs over HTML/FTP.
Features