Difference between revisions of "Travnet"
Jump to navigation
Jump to search
m (1 revision imported) |
|||
| Line 1: | Line 1: | ||
{{Botnet | {{Botnet | ||
| | |Target=Unknown | ||
|UserAgent=Unknown | |UserAgent=Unknown | ||
|CCProtocol=HTTP | |CCProtocol=HTTP | ||
|Status=Unknown | |Status=Unknown | ||
|BeginYear=2009 | |BeginYear=2009 | ||
|EndYear=Unknown | |EndYear=Unknown | ||
| | |Fonctionnalités=* [[feature::Data theft]] (searches for doc, docx, xls, xlsx, txt, rtf, pdf files, lists all filenames, all files from desktop) | ||
* Lossless [[feature::Data compression]] for upload (similar to LZSS and then a custom Base64 encoding) | |||
* Uses Internet Explorer by injecting a DLL to send the files | |||
|Language1=Chinese | |||
|Vendor1=McAfee | |Vendor1=McAfee | ||
|Victime4= | |Victime4= | ||
}} | }} | ||
Revision as of 01:32, 1 August 2015
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
| Travnet | |
|---|---|
| Alias | |
| Group | |
| Parent | |
| Sibling | |
| Family | |
| Relations | Variants: Sibling of: |
| Target | Unknown |
| Origin | |
| Distribution vector | |
| UserAgent | Unknown |
| CCProtocol | HTTP (Centralized) |
| Activity | 2009 / Unknown |
| Status | Unknown |
| Language | |
| Programming language | |
| Operation/Working group | |
Introduction
Features
Associated images
Checksums / AV databases
Publications
| Author | Editor | Year | |
|---|---|---|---|
| Travnet botnet steals huge amount of sensitive data | Umesh Wanve | McAfee | 2013 |
| Travnet trojan could be part of APT campaign | Vikas Taneja | McAfee | 2013 |