New Trojan

Printable View

March 15th, 2004, 09:58 PM
trojan_warrior

New Trojan

Hi

I am quite interested about trojans... i think i like the idea of disecting into the guts of trojans as they reveal a lot of vulnerability the exploit in our systems...

Cud anyone give me more information about the RIP trojan... i got it searching the net... url is : http:www.riptrojan.da.ru

I dont execute them on my system rather get more informations from documents and explainations... i have a trojan zoo so i love to keep all these informations

Help me out to know more about that specimen i mentioned
March 15th, 2004, 11:04 PM
sumdumguy

I just downloaded it and found there's a doc file within that describes it rather well.
my kaspersky AV calls it Backdoor.VB.gen

you can always read more about it here.

If you like to take things apart and you have 129 bucks you can get PE Explorer

http://www.heaventools.com/overview.htm
March 15th, 2004, 11:16 PM
WarTux

I don't know much about Rip trojan.
But I prefer using "Amitis 1.3.4b" www.immortal-inc.com
It's very good it's the latest version and just came out.
So go get it while it's new.
March 18th, 2004, 09:34 PM
trojan_warrior

Thanks SunDumGuy...

Thanks for your reply.... i didnt download it too and i did go through the entire document... though its the inter workings that i am more interested in... like what name it takes when it resides in the system... where it hides itself... even i tried to search the server file with a file scanner didnt didnt made much out of it from all those hex codes... though there were file paths and registry entries embeded... but i would like to know what entry it makes in that registry... so that it can be detected... as mentioned earlier i do maintain a database of these trojans and write every details.... neways thanks for that link and teling me the type...

rather i am thankful to the programmer of that trojan as he indeed made a little easier for me to know bout the trojan... though i wud have been more gratefu if he had given the intrinsic details...

Thanks to you WarTux... i know bout the Amitis trojan but didnt know bout the latest version... i will check out the link...
March 19th, 2004, 01:54 PM
SirDice

If you don't have a machine to spare why not use something like VMWare?