Difference between revisions of "Shylock"
Jump to navigation
Jump to search
m (Text replacement - "=Unknown" to "=") |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{Botnet | {{Botnet | ||
|Alias=Caphaw | |||
|MMPC=Backdoor:Win32/Caphaw.A, | |||
|SymantecDocID=2011-092916-1617-99, | |||
|BeginYear=2011 | |||
|EndYear=2014 | |||
|Group=Banking | |||
|Fonctionnalités=* Control of the system desktop, which allows the attacker to see the desktop, and to gain control of the mouse and keyboard | |Fonctionnalités=* Control of the system desktop, which allows the attacker to see the desktop, and to gain control of the mouse and keyboard | ||
* Access to files and folder via a internal FTP server | * Access to files and folder via a internal FTP server | ||
| Line 7: | Line 13: | ||
* Update itself | * Update itself | ||
* Shut down or restart the computer | * Shut down or restart the computer | ||
|Vendor1=Microsoft | |Vendor1=Microsoft | ||
|Victime4= | |Victime4= | ||
}} | }} | ||
Latest revision as of 21:12, 20 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
| Shylock | |
|---|---|
| Alias | Caphaw |
| Group | Banking |
| Parent | |
| Sibling | |
| Family | |
| Relations | Variants: Sibling of: |
| Target | |
| Origin | |
| Distribution vector | |
| UserAgent | |
| CCProtocol | |
| Activity | 2011 / 2014 |
| Status | |
| Language | |
| Programming language | |
| Operation/Working group | |
Introduction
Features
Associated images
Checksums / AV databases
- Microsoft MMPC: Backdoor:Win32/Caphaw.A
- Symantec: 2011-092916-1617-99
Publications
| Author | Editor | Year | |
|---|---|---|---|
| Backdoor:Win32/Caphaw.A | |||
| Shylock financial malware back 'with a vengeance' | Taylor Armerding | CSO Online | 2012 |