-
New Trojan
Hi
I am quite interested about trojans... i think i like the idea of disecting into the guts of trojans as they reveal a lot of vulnerability the exploit in our systems...
Cud anyone give me more information about the RIP trojan... i got it searching the net... url is : http:www.riptrojan.da.ru
I dont execute them on my system rather get more informations from documents and explainations... i have a trojan zoo so i love to keep all these informations
Help me out to know more about that specimen i mentioned
-
I just downloaded it and found there's a doc file within that describes it rather well.
my kaspersky AV calls it Backdoor.VB.gen
you can always read more about it here.
If you like to take things apart and you have 129 bucks you can get PE Explorer
http://www.heaventools.com/overview.htm
-
I don't know much about Rip trojan.
But I prefer using "Amitis 1.3.4b" www.immortal-inc.com
It's very good it's the latest version and just came out.
So go get it while it's new.
-
Thanks SunDumGuy...
Thanks for your reply.... i didnt download it too and i did go through the entire document... though its the inter workings that i am more interested in... like what name it takes when it resides in the system... where it hides itself... even i tried to search the server file with a file scanner didnt didnt made much out of it from all those hex codes... though there were file paths and registry entries embeded... but i would like to know what entry it makes in that registry... so that it can be detected... as mentioned earlier i do maintain a database of these trojans and write every details.... neways thanks for that link and teling me the type...
rather i am thankful to the programmer of that trojan as he indeed made a little easier for me to know bout the trojan... though i wud have been more gratefu if he had given the intrinsic details...
Thanks to you WarTux... i know bout the Amitis trojan but didnt know bout the latest version... i will check out the link...
-
If you don't have a machine to spare why not use something like VMWare?