ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool BetaBot

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: BetaBot

NamesBetaBot
Neurevt
CategoryMalware
TypeBanking trojan, Backdoor, Info stealer, Credential stealer, DDoS, Downloader
Description(Cybereason) Betabot’s main features include:

• Browsers Form Grabber
• FTP and mail client stealer
• Banker module
• Running DDOS attacks
• USB infection module
• Robust Userland Rootkit (x86/x64)
• Arbitrary command execution via shell
• The ability to download additional malware
• Persistence
• Crypto-currency miner module (added 2017)
Information<https://www.cybereason.com/blog/betabot-banking-trojan-neurevt>
<https://medium.com/@woj_ciech/betabot-still-alive-with-multi-stage-packing-fbe8ef211d39>
<http://www.xylibox.com/2015/04/betabot-retrospective.html>
<https://asert.arbornetworks.com/beta-bot-a-code-review/>
<http://resources.infosecinstitute.com/beta-bot-analysis-part-1/>
<https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/BetaBot.pdf>
<http://www.malwaredigger.com/2013/09/how-to-extract-betabot-config-info.html>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.betabot>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:betabot>

Last change to this tool card: 24 May 2020

Download this tool card in JSON format

All groups using tool BetaBot

ChangedNameCountryObserved

APT groups

 RATicate[Unknown]2019 

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key