Bifrost 1.2d
(Constructor.Win32.Bifrose.j)
(Trojan.Win32.Buzus.duh)

by ksv

Released in July 2007

more versions

 


Changes from v1.2 public build:

Clipboard logger added to keylogger.
* fwb+ improved to bypass latest Outpost fw on all systems and from restricted accounts.
* Firefox passwords updated to work with FF version 2.
* Firewall and antivirus information are extracted from windows security center.
* New column in main window to show the current active window of the remote computer.
* "System Info" improved to show system and keyboard language. Ping time, idle time and active window is also displayed there and updated regularly.
* "Windows List" improved to also display hidden window and active window.
* Stability of file downloads improved.
* Treeview added to file manager.
* Download manager added, where downloads can be paused, moved up, down and removed.
* File manager now stores the directory contents in a cache during the session, so no info from server is needed when revisiting a directory.
* Thumbnail view added. Thumbnails are also automatically extracted as jpg files in the user folder.
* Option to delete the thumbnails when file manager is closed.
* Option to slow down downloading of files, to avoid using up too much bandwidth.
* Added option to play wave file from the file manager.

* Server modified to run on Vista 64bit. Keylogger and protected storage passwords seems not to work.
* Server is not dropped from the client anymore. Settings can be imported and exported from the builder.
* Multiple bugs in both server and builder causing offline keylogger to always start if plugin was included at build.
* Improved stability in activex startup method.



Server:
Dropped File:
c:\Program Files\Bifrost\server.exe
Size: 56,189 bytes 

Added to Registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9D71D88C-C598-4935-C5D1-43AA4DB90836} "stubpath"
Data: C:\Program Files\Bifrost\server.exe s 
	
	
	
Tested on Windows XP
August 03, 2008

MegaSecurity