A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #8441  by nullptr
 Wed Sep 07, 2011 4:22 am
markusg wrote: MincraftPatcher5.2.exe
MD5   : bd52ae1f5d22f14b3c4b71c58ba3b6fc
http://www.virustotal.com/file-scan/rep ... 1315329227
Internal name Aldi Bot
[Aldi Bot coded by till7 | I'm too l33t for the f***ing AV's!]

StartHTTP
StartTCP
StopHTTPDDoS
StopTCPDDoS
StopDDoS
DownloadEx
CreateSocks
StealData
Update
Starts through HKCU...Run key.
Downloads Server.exe - http://www.virustotal.com/file-scan/rep ... 1315336982
Payload exe is decrypted overlay - see attachment.
Attachments
pwd: malware
(57.58 KiB) Downloaded 51 times
 #9174  by wayzoken
 Sat Oct 15, 2011 6:47 pm
The main functions of "Aldi Bot" v1.0 are:
• Ability to perform DDoS attacks
• SOCKS: the bot owner can use the PC of the victim as a proxy
• Firefox password stealer: theft of passwords stored in the Firefox database
• Remote execution of any file

An update v2.0 adds the following functions to those already available:
• Pidgin password stealer: theft of passwords from the Pidgin instant messenger
• jDownloader password stealer: theft of passwords from the host downloader
http://www.virustotal.com/file-scan/rep ... 1318703150

Attachments
pw: malware
(54.96 KiB) Downloaded 43 times
 #9179  by Striker
 Sun Oct 16, 2011 1:58 am
The author prides himself on a video, hosted on YouTube, which apparently shows an “Aldi Bot” DDoS attack against the website of the German Federal Police (http://www.bka.de). The creator of that shit sold his builder for 10€. 1 x Builder + stub + updates + installation assistance = €10

You can buy that builder via Paysafecard.

btw ALDI is a German supermarket: http://www.welt.de/multimedia/archive/0 ... 25037p.jpg
Attachments
(37.78 KiB) Downloaded 44 times
pw = zoit
(54.96 KiB) Downloaded 41 times
 #9189  by EP_X0FF
 Sun Oct 16, 2011 10:47 am
Threads merged. Please use Search next time.

//thanks to Xylitol for remembering about this thread