Bandook is an FWB#++ reverse-connection RAT (Remote Administration Tool) with a small server (30 KB when packed) and a long list of amazing features.
Main features list of the program:
Firewall bypass method: FWB#++ (Code injection, API unhook, kernel patch)
Reverse connection, all traffic through one port
Safe thread based client
Persistence (Irremovable)
Rootkit
Plugins based server (30 KB packed)
Very friendly graphical user interface
Different installation paths
PNG / JPEG compressions for screencapture and webcam
Managing features:
Filemanager with all types of functions, including folder mirror, rar folder/files, file search, infect files, multiple files download / upload, download / upload manager
Registry editor with all types of functions
Process manager (shows full path, and modules manager)
Windows manager (including a send key function)
Services manager
Connection features:
Socks 4 proxy
HTTP / HTTPS proxy
Port redirection
TCP tunnel
HTTP web server
FTP server
Remote shell
Flooding (Mailbomb, DDOS attacks)
Spying features:
Screen manager with screen clicks
Cam manager that supports systems with multiple cams
Mic manager (Record voice from microphone)
IMs spy (MSN, YAHOO, AIM)
Keylogger (live)
Offline keylogger (Colored HTML), Live passwords, IMs Spy with automatic delivery to FTP
Cached PWS fetcher [6 embedded PWS plugins]
VNC (Remote desktop live control)
Site detection: Check all your computers and know which one visits a specific site
Clipboard manager
Information about the remote machine
Cache reader
Screen recorder (Record the user activities on the screen into AVI movies)