Alina
Jump to navigation
Jump to search
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Alina | |
---|---|
Alias | |
Group | Point-of-sale |
Parent | |
Sibling | |
Family | |
Relations | Variants: Eagle, Spark Sibling of: |
Target | Microsoft Windows |
Origin | |
Distribution vector | Spam |
UserAgent | |
CCProtocol | HTTP (Centralized) |
Activity | 2012 / |
Status | |
Language | |
Programming language | |
Operation/Working group |
Introduction
- starting v2 XOR was added and the key used was 0xAB
- starting v5.2, XOR scheme is more complex, 0xAA for the first 76 bytes, then data between offsets 18 and 35 are used as the XOR key
- starting version 3.1 HTTP status code 666
- packers used: UPX from version 2.1, a Visual Basic crypter from version 5.2 and UPX protector from version 5.5
Features