SubSeven 2.1.5 released

Discussion in 'Trojan Defence Suite' started by Gavin - DiamondCS, Mar 1, 2003.

Thread Status:
Not open for further replies.
  1. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    SubSeven 2.1.5 released earlier today, so a head up warning for users. Server size is 363KB, and being an updated version of 2.1.4 DEFCON, SubSeven 2.1.5 is easily detected by TDS with old signatures and aspects of TDS which are not well known :

    Advanced signatures -

    There are some very common trojans more likely to be distributed over the internet, and TDS has extra signatures to identify these trojans and new / heavily modified variants. SubSeven is of course one trojan which is very well covered, and the latest release will be detected in file scanning.

    Positive identification <Adv>: RAT.SubSeven 2.1x


    Advanced generics -

    Common trojans also often lead to other detection ideas, TDS also detects the new SubSeven in that way.

    Generic Detection: This file has trojan characteristics (possibly Sub7?)
     
  2. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    hmm, time for a new emulator I suppose? :D :D
    Dolf
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Those are discussions for the private forum Dollefie.
     
  4. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Emulators..

    SubSeven 2.1.5 is almost identical to 2.1.4 really, and I would say the protocol is unchanged, as are the commands. There might be a couple of commands that dont work (get cached passwords) and a new one or more but nothing major
     
Thread Status:
Not open for further replies.