Search results
Jump to navigation
Jump to search
- |Infrastructure=* C&C related to domains androfox.com and androfox.tk385 bytes (48 words) - 15:46, 8 August 2015
- ...in the botnet, moving the network architecture away from a simple bot-to-C&C system and introducing the beginnings of a peer-to-peer model. This new var ...e to contact other peers to receive configuration files with URLs of new C&C servers.2 KB (381 words) - 05:27, 12 August 2015
- ...compiled in 2002; however, their C&C was registered in August 2001. Other C&Cs used by the Equation group appear to have been registered as early as 19764 bytes (114 words) - 00:08, 17 February 2015
- Skilled attackers are burrowing their command and control (C&C) servers inside the networks of compromised businesses in order to circumve ...helps attackers to stay stealthy as they exfiltrate data, as very little C&C traffic is leaving the network.2 KB (230 words) - 22:48, 5 August 2015
- ...cted a repacked Win32/Rootkit.Avatar with an active command and control (C&C) server. In this blog post we confirm that Avatar in-the-wild activity cont942 bytes (133 words) - 20:22, 30 July 2015
- * [[feature::Upload minidump]] crash dump to C&C for debugging378 bytes (47 words) - 06:41, 14 August 2015
- ...useful way to use the hidden service protocol is for communicating with C&C, getting update for configuration information, or downloading additional ma1 KB (170 words) - 18:18, 3 August 2015
- ...ommunication utilisé est artisanal (blob binaire de 232 octets envoyé au C&C). Le chiffrement semble basé sur une table de substitution dont la variabl1 KB (194 words) - 15:49, 8 August 2015
- ...s the command and control (C&C) structure used between them. Utilizing a C&C communication channel for data exfiltration, while previously rare, has bec1 KB (158 words) - 11:25, 18 July 2015
- |Introduction=Infinity est un loader / botnet à base d'HTTP codé en C++. |Language1=C++482 bytes (67 words) - 01:44, 31 July 2015
- Le loader est codé en C++ sous utilisant Code:: Blocks avec le compilateur mingw.<br /> |[[File:Vertexpanel.png|200px|thumb|left|C&C de VertexNet]]734 bytes (113 words) - 15:48, 8 August 2015
- ...servers, a new variant was recently found that communicated with a fifth C&C server located in Canada as well.546 bytes (78 words) - 21:30, 5 August 2015
- |Abstract=Leouncia's C&C payload decryption consists of two major phases. The first part is the form496 bytes (69 words) - 21:50, 5 August 2015
- ...will also skip files found the folders C:\\WINDOWS, C:\\PROGRAM FILES, and C:\PROGRAM FILES (X86).977 bytes (136 words) - 22:13, 5 August 2015
- ...device as a zombie device that connects to specific command and control (C&C) servers. What is also noteworthy about this file is that it hides its rout627 bytes (85 words) - 22:13, 5 August 2015
- |Abstract=I was recently sent a .pcap file of a bot's C&C communications. Every 182 seconds, the bot would download a GIF file from v513 bytes (75 words) - 12:04, 31 July 2015
- ...er is to retreive a destination number and related message body from the C&C servers. Once received, it composes the message and sends it out in the bac1 KB (178 words) - 12:48, 31 July 2015
- * C&C contact on link like: svpembtywvrc.eu /gate.php?cmd=ping&botnet=be1&userid=542 bytes (74 words) - 15:47, 8 August 2015
- ...blog post I'm going to focus on the creation timeline, exfiltration, and C&C.601 bytes (92 words) - 11:41, 18 July 2015
- ...ns multiple different networks in Europe, US and Asia. While most of the C&C IP addresses have been associated in the past with illicit operations (i.e. ...sing the GTISC sinkhole infrastructure to verify what we infer about its C&C communication channels and growth. As of today we have observed close to 202 KB (412 words) - 22:23, 2 August 2015