Home / malwarePDF  

Trojan.Fitobrute


First posted on 29 May 2015.
Source: Symantec

Aliases :

There are no other names known for Trojan.Fitobrute.

Explanation :

The Trojan is downloaded by the following threat:
Infostealer.Dyre
Once executed, the Trojan may connect to the following command-and-control (C&C) server:
http://95.211.82.101
The Trojan may then receive a remote FTP domain and a list of user names and passwords from the C&C server in order to use in a brute-force attack against the targeted FTP server.

If the brute-force attack is successful, the Trojan sends the login credentials to the C&C server.

Last update 29 May 2015

 

TOP