Difference between revisions of "Travnet"

From Botnets.fr
Jump to navigation Jump to search
Line 3: Line 3:
|UserAgent=Unknown
|UserAgent=Unknown
|CCProtocol=HTTP
|CCProtocol=HTTP
|Feature=Document theft, Data theft, Base64 encoding,
|Status=Unknown
|Status=Unknown
|BeginYear=2009
|BeginYear=2009
|EndYear=Unknown
|EndYear=Unknown
|Group=Stealing, Spying,
|Fonctionnalités=* [[feature::Data theft]] (searches for doc, docx, xls, xlsx, txt, rtf, pdf files, lists all filenames, all files from desktop)
|Fonctionnalités=* [[feature::Data theft]] (searches for doc, docx, xls, xlsx, txt, rtf, pdf files, lists all filenames, all files from desktop)
* Lossless [[feature::Data compression]] for upload (similar to LZSS and then a custom Base64 encoding)
* Lossless [[feature::Data compression]] for upload (similar to LZSS and then a custom Base64 encoding)

Revision as of 01:35, 1 August 2015

(Botnet) Link to the old Wiki page : [1] / Google search: [2]

Travnet
Alias
Group Stealing, Spying
Parent
Sibling
Family
Relations Variants:

Sibling of:
Parent of:
Distribution of:
Campaigns:

Target Unknown
Origin
Distribution vector
UserAgent Unknown
CCProtocol HTTP (Centralized)
Activity 2009 / Unknown
Status Unknown
Language
Programming language
Operation/Working group

Introduction

Features


Associated images

Checksums / AV databases

Publications

 AuthorEditorYear
Travnet botnet steals huge amount of sensitive dataUmesh WanveMcAfee2013
Travnet trojan could be part of APT campaignVikas TanejaMcAfee2013