Difference between revisions of "Atrax"
Jump to navigation
Jump to search
m (Text replacement - "TOR" to "Tor") |
|||
| Line 1: | Line 1: | ||
{{Botnet | {{Botnet | ||
|Target=Microsoft Windows | |||
|UserAgent=Unknown | |||
|CCProtocol=Tor | |||
|Checksum=a7da414a5033cd3178fa5dc2cd52017e5e658b98, 5bcb59b0025ba397d30938d16bc6904475bb3f89, 16b7b43625ccba34f67258fa1c4b8017e8d0e747, | |||
|BeginYear=2013 | |||
|EndYear=Unknown | |||
|Group=Stealing | |||
|Fonctionnalités=* [[feature::Virtual machine detection]] | |Fonctionnalités=* [[feature::Virtual machine detection]] | ||
* [[feature::Debugging detection]] | * [[feature::Debugging detection]] | ||
| Line 14: | Line 21: | ||
* kill – terminate all own threads | * kill – terminate all own threads | ||
|Infrastructure=* On Tor (found by ESET): iloii7dnyotii3gr.onion (/auth.php) | |Infrastructure=* On Tor (found by ESET): iloii7dnyotii3gr.onion (/auth.php) | ||
|Etat=Unknown | |Etat=Unknown | ||
|Victime4= | |Victime4= | ||
}} | }} | ||
Revision as of 19:37, 3 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
| Atrax | |
|---|---|
| Alias | |
| Group | Stealing |
| Parent | |
| Sibling | |
| Family | |
| Relations | Variants: Sibling of: |
| Target | Microsoft Windows |
| Origin | |
| Distribution vector | |
| UserAgent | Unknown |
| CCProtocol | Tor (Distributed-centralized) |
| Activity | 2013 / Unknown |
| Status | |
| Language | |
| Programming language | |
| Operation/Working group | |
Introduction
Features
Associated images
Checksums / AV databases
- a7da414a5033cd3178fa5dc2cd52017e5e658b98 | Virustotal
- 5bcb59b0025ba397d30938d16bc6904475bb3f89 | Virustotal
- 16b7b43625ccba34f67258fa1c4b8017e8d0e747 | Virustotal
Publications
| Author | Editor | Year | |
|---|---|---|---|
| The rise of TOR-based botnets | Aleksandr Matrosov | ESET | 2013 |