Dashboard:
You can move them like a widget:
Menus:
Yeah... This post will be long :)
Country:
Build:
Modules:
OS:
Browse bots:
Bot info:
Install graph:
Activity graph:
Death graph:
Infested network:
Bot info:
Build info:
Command:
Search form:
Task:
Bot info:
Upload file:
Module dependency:
Module sets:
Server list:
List drops:
Inject requests:
Page dumper:
Inject dump:
Inject source:
Capcha hosts:
Dumper hosts:
Drop templates:
Utility operation:
MySQL Processes:
MySQL Table:
Delete bot:
Bot files:
Worklogs:
List socks:
FTP Logs:
Search logs:
Parser templates:
Parsed accounts:
Update host:
Users:
Groups:
Menu editor:
Jabber alert:
This looks really scary and advanced. Steven, can you tell us more about this? I'm well aware of all threats out there Zeus/SpyEye/Citadel but I have never seen this. This isn't Carberp is it?
ReplyDeleteHi, no it's Tatanga, you can find more info here: http://blog.trendmicro.com/more-on-the-tatanga-banking-trojan/
ReplyDeleteand unlike SpyEye this malware is 'private' it's not sell on underground forums.
ReplyDeletelol private projects and i have src it's
ReplyDeletenot new but very cool.
jabber: gangcash@jabber.org
this guy its a ripper
Deletedont buy from this
The filter panel and some tables are familiar to me . Is this a heavy mod of zeus or some else http bot?(at least the panel)
ReplyDeletewell semi 'private' :)
ReplyDeleteWhat do you mean by semi-private?
DeleteIsnt this the one without any auth?
ReplyDeleteIsnt this the one without any auth checking on pages?
ReplyDeletezzz13 August 2012 13:42
ReplyDeletelol private projects and i have src it's
not new but very cool.
jabber: gangcash@jabber.org its a ripped