Difference between revisions of "Flashback"
Jump to navigation
Jump to search
Line 4: | Line 4: | ||
|Target=Mac OS X | |Target=Mac OS X | ||
|UserAgent=Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0.1; sv:2; id: 1A698BE9-0211-5EB4-AFDC-644AA479D972) Gecko/20100101 Firefox/9.0.1 | |UserAgent=Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0.1; sv:2; id: 1A698BE9-0211-5EB4-AFDC-644AA479D972) Gecko/20100101 Firefox/9.0.1 | ||
|CCProtocol=HTTP | |CCProtocol=HTTP, Twitter, | ||
|Feature=Domain generation algorithm, File download, | |||
|Status=Unknown | |Status=Unknown | ||
|BeginYear= | |BeginYear=2011 | ||
|EndYear= | |EndYear=2012 | ||
|Group=Trojan, | |Group=Trojan, Downloading, | ||
|Vendor1=Kaspersky | |Vendor1=Kaspersky | ||
|Victime4= | |Victime4= | ||
}} | }} |
Revision as of 14:51, 31 July 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Flashback | |
---|---|
Alias | Flashfake |
Group | Trojan, Downloading |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Mac OS X |
Origin | |
Distribution vector | |
UserAgent | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0.1; sv:2; id: 1A698BE9-0211-5EB4-AFDC-644AA479D972) Gecko/20100101 Firefox/9.0.1 |
CCProtocol | HTTP (Centralized), Twitter (Centralized) |
Activity | 2011 / 2012 |
Status | Unknown |
Language | |
Programming language | |
Operation/Working group |
Introduction
- http://public.dev.drweb.com/april/ (pour consulter la base des UUID repérés par Dr. Web comme faisant partie du botnet)
Features