Zemra

From HandWiki

Zemra is a DDoS Bot which was first discovered in underground forums in May 2012.[1][2] Zemra is capable of HTTP and SYN Flood flooding and also has a simple Command & Control panel that is protected with 256-bit DES encryption for communicating with its command and control (C&C) server.[3] Zemra also sends information such as Computer name, Language settings, and Windows version. It will send this data to a remote location on a specific date and time.[4] It also opens a backdoor on TCP port 7710 to receive commands from a remote command-and-control server,[5] and it is able to monitor devices, collect system information, execute files, and even update or uninstall itself if necessary.[3][6]

See also

References

  1. Kumar, Mohit (2012-06-27). "Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks". http://thehackernews.com/2012/06/zemra-botnet-leaked-cyber-criminals.html. 
  2. Neville, Alan (27 June 2012). "DDoS Attacks: The Zemra Bot". Symantec. https://www.symantec.com/connect/blogs/ddos-attacks-zemra-bot. 
  3. 3.0 3.1 Kovacs, Eduard (2012-06-28). "Zemra DDOS Crimeware Kit Used to Extort Organizations". http://news.softpedia.com/news/Zemra-DDOS-Crimeware-Kit-Used-to-Extort-Organizations-278041.shtml. 
  4. "Backdoor.Zemra". Precise Security. 2012-06-27. http://www.precisesecurity.com/trojan/backdoor-zemra. 
  5. "Backdoor.Zemra". Naked Security. 2012-06-26. https://web.archive.org/web/20150325011832/http://www.precisesecurity.com/trojan/backdoor-zemra. 
  6. Goldman, Jeff (2012-06-29). "Symantec Warns of New Zemra Bot". http://www.esecurityplanet.com/malware/symantec-warns-of-new-zemra-bot.html. 



Retrieved from "https://handwiki.org/wiki/index.php?title=Zemra&oldid=3381114"