Thursday, May 26, 2011

A Peek Inside the Vertex Net Loader


It appears that the author of the of the DarkComet RAT has been keeping himself rather busy.

In early-stage development (currently in BETA), the Vertex Net Loader is your typical web-based command and control malware loader, worth keeping an eye on.

More details:
Info on the loader:
This is the small program that will send/retrieve info from/to the web panel , it is like the server part of a RAT. The loader is coded in C++. Size unpacked is ~100kb , compressed is very small and still stable. I choose C++ as the language for this project cause i code C++ since a long time but i never release some security soft, so as a friend said it is a shame to have a knowledge in C++ and don’t use it instead of Delphi all the time. Also C++ is faster and more stable than any other language.

Features of the loader:
- Send message box
- Execute any kind of commands
- close loader process
- Download files and execute them
- Get the process list
- Get the modules list from PID
- Set the keylogger status ON/OFF
- Retrieve the keylogger logs
- Read the file content and retrieve it
- Uninstall the loader
- Httpflood same technologies as i used for DarkComet that is very powerfull
- Remote shell
- Visit any webpage


Upcoming features:
- FWB
- More commands
- Panel Installer
- More possibilities in the webpanel
- User manager in the panel
- Plugins support
- and more.



Monitoring of Vertex Net Loader's development is ongoing.

Related posts:
A Peek Inside a New DDoS Bot - "Snap"
Coding Spyware and Malware for Hire
Will Code Malware for Financial Incentives
E-crime and Socioeconomic Factors
Web Based Botnet Command and Control Kit 2.0
BlackEnergy DDoS Bot Web Based


This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.

No comments:

Post a Comment