Difference between revisions of "Shylock"
Jump to navigation
Jump to search
m (Text replacement - "=Unknown" to "=") |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{Botnet | {{Botnet | ||
|Alias=Caphaw | |||
|MMPC=Backdoor:Win32/Caphaw.A, | |||
|SymantecDocID=2011-092916-1617-99, | |||
|BeginYear=2011 | |||
|EndYear=2014 | |||
|Group=Banking | |||
|Fonctionnalités=* Control of the system desktop, which allows the attacker to see the desktop, and to gain control of the mouse and keyboard | |Fonctionnalités=* Control of the system desktop, which allows the attacker to see the desktop, and to gain control of the mouse and keyboard | ||
* Access to files and folder via a internal FTP server | * Access to files and folder via a internal FTP server | ||
Line 7: | Line 13: | ||
* Update itself | * Update itself | ||
* Shut down or restart the computer | * Shut down or restart the computer | ||
|Vendor1=Microsoft | |Vendor1=Microsoft | ||
|Victime4= | |Victime4= | ||
}} | }} |
Latest revision as of 21:12, 20 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Shylock | |
---|---|
Alias | Caphaw |
Group | Banking |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | |
Origin | |
Distribution vector | |
UserAgent | |
CCProtocol | |
Activity | 2011 / 2014 |
Status | |
Language | |
Programming language | |
Operation/Working group |
Introduction
Features
Associated images
Checksums / AV databases
- Microsoft MMPC: Backdoor:Win32/Caphaw.A
- Symantec: 2011-092916-1617-99
Publications
Author | Editor | Year | |
---|---|---|---|
Backdoor:Win32/Caphaw.A | |||
Shylock financial malware back 'with a vengeance' | Taylor Armerding | CSO Online | 2012 |