Difference between revisions of "Atrax"
m (Text replacement - "=Unknown" to "=") |
Line 1: | Line 1: | ||
{{Botnet | {{Botnet | ||
|Target=Microsoft Windows | |Target=Microsoft Windows | ||
|UserAgent= | |UserAgent= | ||
|CCProtocol=Tor | |CCProtocol=Tor | ||
|Checksum=a7da414a5033cd3178fa5dc2cd52017e5e658b98, 5bcb59b0025ba397d30938d16bc6904475bb3f89, 16b7b43625ccba34f67258fa1c4b8017e8d0e747, | |Checksum=a7da414a5033cd3178fa5dc2cd52017e5e658b98, 5bcb59b0025ba397d30938d16bc6904475bb3f89, 16b7b43625ccba34f67258fa1c4b8017e8d0e747, | ||
|BeginYear=2013 | |BeginYear=2013 | ||
|EndYear= | |EndYear= | ||
|Group=Stealing | |Group=Stealing | ||
|Fonctionnalités=* [[feature::Virtual machine detection]] | |Fonctionnalités=* [[feature::Virtual machine detection]] | ||
Line 21: | Line 21: | ||
* kill – terminate all own threads | * kill – terminate all own threads | ||
|Infrastructure=* On Tor (found by ESET): iloii7dnyotii3gr.onion (/auth.php) | |Infrastructure=* On Tor (found by ESET): iloii7dnyotii3gr.onion (/auth.php) | ||
|Etat= | |Etat= | ||
|Victime4= | |Victime4= | ||
}} | }} |
Latest revision as of 15:46, 8 August 2015
Atrax | |
---|---|
Alias | |
Group | Stealing |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Microsoft Windows |
Origin | |
Distribution vector | |
UserAgent | |
CCProtocol | Tor (Distributed-centralized) |
Activity | 2013 / |
Status | |
Language | |
Programming language | |
Operation/Working group | |
Introduction
Features
Associated images
Checksums / AV databases
- a7da414a5033cd3178fa5dc2cd52017e5e658b98 | Virustotal
- 5bcb59b0025ba397d30938d16bc6904475bb3f89 | Virustotal
- 16b7b43625ccba34f67258fa1c4b8017e8d0e747 | Virustotal
Publications
Title | Author | Editor | Year |
---|---|---|---|
The rise of TOR-based botnets | Aleksandr Matrosov | ESET | 2013 |