Neutrino Bot establishes persistence by adding a startup entry through the Windows Task Scheduler. It also modifies the registry by adding new entries and values. In addition, Neutrino adds itself to the firewall's whitelist and to the exclusions list of Windows Defender.
Main functionality
* Webinjects + formgrabber (Chrome, Firefox, IE, Tor browser (HTTP, SSL, SPDY …))
* DNS Spoofer (Chrome, Firefox, IE)
* Backconnect socks 4/5
* Track 1 / 2 grabber
* Loader (+ from mem) (exe, dll, vbs, bat … + possibility to specify the parameters for starting the file)
* CMD Shell (remote command execution with the Windows command interpreter)
* Search by processes running on the bot
* Styling files by mask
* Definition of installed AV
* Update
* Work through pads
* Support for .bit domains
* And more…
Admin functionality
* Flexible job creation system (by country / id / os / build id)
* Detailed article bots
* Customizable bots time
* Sort bots in statistics by IP \ Online \ Country \ OS
* The system of bans
* And more…
Anti-debugging
* AntiVM
* Detection of sandboxes
* Detection of all online services of automatic analysis
* Protection of bot (protection of process \ file \ branches of the registry)
* Unlimited number of simultaneously executed commands (Some commands have a higher priority in relation to others and their execution stops others)
* Unlimited number of backup domains
* Quiet work even under a limited account
* Does not load the CPU
* The weight of the uncompressed binary ~ 130kb
* The bot is tested on the whole line of Windows, from XP to 10, including server (x32 / 64)