Let’s take a look at yet another bot originating from the Mother Russia. It’s called Illusion, and it has a nice and clear GUI tool for configuration that even an idiot (you could argue that only idiots use malware anyway) can use. (more…)
KMFCopy is a small utility that copies files in kernel-mode. As such, it need administrative privileges.
(more…)
BlackEnergy is yet another malware coming from Russia. The package is a “for dummies” version, exhibiting a nice GUI you can use to modify the bot. The only purpose for BlackEnergy is to DDOS. It does not spread on it’s own, it just sits and polls a HTTP C&C (Command and Control) to see whether it has been given any targets.