Difference between revisions of "Travnet"
Jump to navigation
Jump to search
m (1 revision imported) |
|||
Line 1: | Line 1: | ||
{{Botnet | {{Botnet | ||
| | |Target=Unknown | ||
|UserAgent=Unknown | |UserAgent=Unknown | ||
|CCProtocol=HTTP | |CCProtocol=HTTP | ||
|Status=Unknown | |Status=Unknown | ||
|BeginYear=2009 | |BeginYear=2009 | ||
|EndYear=Unknown | |EndYear=Unknown | ||
| | |Fonctionnalités=* [[feature::Data theft]] (searches for doc, docx, xls, xlsx, txt, rtf, pdf files, lists all filenames, all files from desktop) | ||
* Lossless [[feature::Data compression]] for upload (similar to LZSS and then a custom Base64 encoding) | |||
* Uses Internet Explorer by injecting a DLL to send the files | |||
|Language1=Chinese | |||
|Vendor1=McAfee | |Vendor1=McAfee | ||
|Victime4= | |Victime4= | ||
}} | }} |
Revision as of 01:32, 1 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
Travnet | |
---|---|
Alias | |
Group | |
Parent | |
Sibling | |
Family | |
Relations | Variants: Sibling of: |
Target | Unknown |
Origin | |
Distribution vector | |
UserAgent | Unknown |
CCProtocol | HTTP (Centralized) |
Activity | 2009 / Unknown |
Status | Unknown |
Language | |
Programming language | |
Operation/Working group |
Introduction
Features
Associated images
Checksums / AV databases
Publications
Author | Editor | Year | |
---|---|---|---|
Travnet botnet steals huge amount of sensitive data | Umesh Wanve | McAfee | 2013 |
Travnet trojan could be part of APT campaign | Vikas Taneja | McAfee | 2013 |