Features USB spreading capabilities to infect new devices and Tor communication for anonymizing its command-and-control (C2) traffic.
Malware Analysis Context
Alduin is notable for being "multi-language" and supporting a , which increases its resilience against takedown attempts. Its modular nature allows it to serve various roles, from a simple information stealer to a high-volume DDoS tool.
severnake/Alduin-botnet - GitHub
Capable of grabbing account credentials from Firefox, Chrome, and FileZilla. It also includes a "SourceCode/Git grabber" for targeting developer files.
Alduin botnet.rar
A ".rar" file with this name typically contains the bot's builder, panel source code, or the compiled stub. Analysts often use tools like ANY.RUN to sandbox such files and observe their initial connection to a .
The "Alduin" botnet is an open-source malware package, often found in repositories like GitHub, designed for Windows systems. It is characterized by its wide range of offensive capabilities, including multiple types of Distributed Denial-of-Service (DDoS) attacks and comprehensive data theft.
Supports a diverse array of flood methods such as SlowLoris, Hulk, RUDY, ARME, and standard TCP/UDP/ICMP floods.
Based on its source code and documentation, the Alduin botnet includes several high-impact features:
Allows operators to take screenshots, view/kill active processes, and execute arbitrary commands via a CMD executor.