Godzilla Loader is a modern dropper that allows you to download an unlimited number of files bypassing most types of AV protection.
The application works without injecting code into other processes, which distinguishes it from similar products on the market. By creating a copy of the browser that is not visible to the user, Godzilla Loader performs all network activity in the context of a trusted browser process without injecting its code. The application saves all downloaded files to disk and launches them, after which it is deleted.
The control panel allows you to distribute tasks and keep statistics in real time by indentation, geographical coordinates (on the map), countries, operating systems, OS architecture, time and quantity.
- Written in pure C and WinAPI, without the use of ATL / MFC and third-party libraries;
- Uncompressed size of the EXE with full functionality: ~12 KB non-resident, ~15 KB resident;
- Bypassing most types of AV protection: Low IL, HIPS;
- Raising privileges to SYSTEM;
- Execute the DLL in the loader process memory, without saving to disk;
- Running the drivers;
- Checking the C&C server manager using an RSA signature of the server response;
- Deleting shadow copies and Windows recovery points;
- Support for *.bit domains;
- Statistics in real time, without the need to update the page;
- Distribution of tasks by country, time, operating systems, OS architecture, quantity;
- Statistics by geographical coordinates, time, versions of operating systems, indenting, online for a day, a week;
- Localization of the interface in Russian and English;
- Night / day theme for convenient use at any time of day;
- Guest statistics on the token;
- The possibility of automatic (by cron) / manual update of the EXE in the control panel;
The Godzilla Loader control panel backend is written in PHP and MySQL, the frontend is on Twitter Bootstrap, jQuery, and RaphaelJS.
Minimum system requirements for a botnet of 20-30K:
- Linux VDS, 512 GB RAM, 1 Core
- PHP version 5 and above
- MySQL version 5 and higher
- The PHP OpenSSL extension
- Task Manager