Publié le par SSTA

-Bdoor backdoor: P1/P2

-Hanuman Backdoor: F1/P2

This backdoor does not try to be permanent by wrinting the run key (F1):

-HKShell backdoor: P1/P2

-ICMPDoor backdoor: P1/P2

NB. ICMP is consdered as a "poor protocol", but it is certainly one of the most interesting for firewall and IDS evasion.
This protocol is for instance used by some malwares for data leak.

-HTTP Rat Zombam: P1/P2

-BabyFace trojan: P1/P2

-Scryptic downloader: P1/P2

-ICMP DDOS Tool: F1/F2

This test is designed to show if kav can prevent network attack from being started (when the host is a part of a botnet for instance).

-Letmerule backdoor: P1/P2

-Tiny FTP backdoor: P1/P2

-Backdoor Sensode/ZXShell (a kind of NetCat variant): P1/P2

Unfortunately, the deny answer does not prevent the connection attempt:

-NetDevil backdoor: P1/P2

-Nuclear RAT: P1/P2

-Roxrat backdoor: P1/P2

-WinVNC backdoor: P1/P2

-Oblivion backdoor: F1/P2

NB: we have not enable the creation of a run key for the server.

-Winshell backdoor: P1/P2

-Msgate Trojan spy: P1/P2

-Sub7 variant: P1/P2

-PHP backdoor: F1/P2

-So2Rat backdoor: F1/F2

We can run the server and connect to it without any kind of alert from the proactive module, neither from the antivirus file (malware unknown from kav labs).

-Satan's Trick trojan dropper: P1/P2

The test file version looks for the victim as an innocnet screesaver:

-DarkMoon trojan: P1/P2

We choose to create a server that we call pornflashgame.exe...a very attarctive kind of games for men...

Publié dans KASPERSKY 6 TEST

Commenter cet article