Difference between revisions of "Hesperbot"
Jump to navigation
Jump to search
(Created page with "{{Botnet|Group=Banking|Feature=Domain generation algorithm}}") |
|||
Line 1: | Line 1: | ||
{{Botnet| | {{Botnet | ||
|Target=Turkey, Czech Republic, Portugal, United Kingdom, Microsoft Windows, Symbian, BlackBerry, Android, | |||
|Vector=Spear phishing, | |||
|Feature=Domain generation algorithm, Keylogger, Screen capture, Video screen capture, Webinject, VNC server, SOCKS5, Twofish encryption, Man in the browser, Form data theft, SMS interception, mTAN interception, | |||
|Checksum=3d71bc74007a2c63dccd244ed8a16e26, ce7bcbfad4921ecd54de6336d9d5bf12, f8ef34342533da220f8e1791ced75cda, 1abae69a166396d1553d312bb72daf65, 83b74a6d103b8197efaae5965d099c1e, 91c5a64e6b589ffcfe198c9c99c7d1f0, ae40a00aad152f9113bc6d6ff6f1c363, 27d8098fe56410f1ac36008dbf4b323e, 8a9cb1bb37354dfda3a89263457ece61, ff858b3c0ea14b3a168b4e4d585c4571, 1243812d00f00cef8a379cb7bc6d67e7, 1e1b70e5c9195b3363d8fb916fc3eb76, 4cf7d77295d64488449d61e2e85ddc72, 5410864a970403dae037254ea6c57464, 64a59d4c821babb6e4c09334f89e7c2d, 1f7b87d5a133b320a783b95049d83332, 028a70de48cd33897affc8f91accb1cd, 4cc533ef8105cbec6654a3a2bc38cb55, 59427cfb5aa31b48150937e70403f0db, c8ee74ada32ea9040d826206a482149e, d3c7d6d10cd6f3809c4ca837ba9ae2e8, | |||
|Language=Russian, | |||
|Group=Banking | |||
}} |
Latest revision as of 04:01, 20 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Hesperbot | |
---|---|
Alias | |
Group | Banking |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Turkey, Czech Republic, Portugal, United Kingdom, Microsoft Windows, Symbian, BlackBerry, Android |
Origin | |
Distribution vector | Spear phishing |
UserAgent | |
CCProtocol | |
Activity | / |
Status | |
Language | Russian |
Programming language | |
Operation/Working group |
Introduction
Features
Associated images
Checksums / AV databases
- 3d71bc74007a2c63dccd244ed8a16e26 | Virustotal
- ce7bcbfad4921ecd54de6336d9d5bf12 | Virustotal
- f8ef34342533da220f8e1791ced75cda | Virustotal
- 1abae69a166396d1553d312bb72daf65 | Virustotal
- 83b74a6d103b8197efaae5965d099c1e | Virustotal
- 91c5a64e6b589ffcfe198c9c99c7d1f0 | Virustotal
- ae40a00aad152f9113bc6d6ff6f1c363 | Virustotal
- 27d8098fe56410f1ac36008dbf4b323e | Virustotal
- 8a9cb1bb37354dfda3a89263457ece61 | Virustotal
- ff858b3c0ea14b3a168b4e4d585c4571 | Virustotal
- 1243812d00f00cef8a379cb7bc6d67e7 | Virustotal
- 1e1b70e5c9195b3363d8fb916fc3eb76 | Virustotal
- 4cf7d77295d64488449d61e2e85ddc72 | Virustotal
- 5410864a970403dae037254ea6c57464 | Virustotal
- 64a59d4c821babb6e4c09334f89e7c2d | Virustotal
- 1f7b87d5a133b320a783b95049d83332 | Virustotal
- 028a70de48cd33897affc8f91accb1cd | Virustotal
- 4cc533ef8105cbec6654a3a2bc38cb55 | Virustotal
- 59427cfb5aa31b48150937e70403f0db | Virustotal
- c8ee74ada32ea9040d826206a482149e | Virustotal
- d3c7d6d10cd6f3809c4ca837ba9ae2e8 | Virustotal
Publications
Author | Editor | Year | |
---|---|---|---|
Hesperbot – A new, advanced banking trojan in the wild | Robert Lipovsky Anton Cherepanov | ESET | 2013 |