FinFisher/0DF6972B
Inhaltsverzeichnis
0DF6972B
Licenses
| LicenseID | MachineUID | SoftwareUID | SoftwareName | VersionMajor | NotBefore | ValidityStart | NotAfter | ValidityEnd | InstallationDate | LicenseFile | LicenseContents | Status | CustomerID | ProductID | Deleted | UserID | DataEntryDate | LastUpdated |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 126 | 5F:BD:A2:10:02:B8:47:EF | 00:1E:00:0A | FinSpyV2 | 4 | 1271721600 | 2010-04-20 00:00:00 | 1367280000 | 2013-04-30 00:00:00 | 2011-02-11 14:52:02 | License.txt | MACHINE UID
5F:BD:A2:10:02:B8:47:EF CUSTOMER UID 0DF6972B SOFTWARE UID 00:1E:00:0A SOFTWARE NAME FinSpyV2 AGENTS MAX NUMBER 5 TARGETS MAX NUMBER 35 VERSION MAJOR 4 NOT BEFORE 1271721600 NOT AFTER 1367280000 DEMO 0 |
Expired | 32 | 1 | 0 | 5 | 2011-02-11 14:52:02 | 2013-05-28 16:17:04 |
| 127 | 5F:BD:A2:10:02:B8:47:EF | 00:1E:00:0A | FinSpyV2 | 4 | 1271721600 | 2010-04-20 00:00:00 | 1367280000 | 2013-04-30 00:00:00 | 2011-02-11 14:52:22 | License.txt | MACHINE UID
5F:BD:A2:10:02:B8:47:EF CUSTOMER UID 0DF6972B SOFTWARE UID 00:1E:00:0A SOFTWARE NAME FinSpyV2 AGENTS MAX NUMBER 5 TARGETS MAX NUMBER 35 VERSION MAJOR 4 NOT BEFORE 1271721600 NOT AFTER 1367280000 DEMO 0 |
Expired | 32 | 16 | 0 | 5 | 2011-02-11 14:52:22 | 2013-05-28 16:17:04 |
| 244 | 40:CD:CD:41:E6:E3:A2:21 | 00:2A:00:0A | FinIntrusion-Kit | 4 | 1275955200 | 2010-06-08 02:00:00 | 1370822400 | 2013-06-10 02:00:00 | 2011-09-21 11:09:40 | License.txt | MACHINE UID
40:CD:CD:41:E6:E3:A2:21 CUSTOMER UID 0DF6972B SOFTWARE UID 00:2A:00:0A SOFTWARE NAME FinIntrusion-Kit VERSION MAJOR 4 NOT BEFORE 1275955200 NOT AFTER 1370822400 DEMO 0 |
Expired | 32 | 5 | 0 | 5 | 2011-09-21 11:09:40 | 2013-09-03 09:17:01 |
Support-Requests
06AEF698
TrackingID: "06AEF698"
Summary: "Powerpoint Integeration"
Description: "The trojan can not be integrated with powerpoint. The resulted exe file is again detected by Antiviruses... Plz look in to that and let us know asap. I have informed you this earlier on online communication too but no response. "
ProductID: 1
TypeID: 2
FileName: "06AEF698"
StatusNotification: 1
SupportComments: "The problem is solved with the 4.20 release"
StatusID: 4
CustomerID: 32
Language: "en"
CreationDate: "2012-03-29 06:46:01"
LastUpdated: "2012-10-11 13:31:16"
0940E598
TrackingID: 0940E598
Summary: "The trojan is detected by Norton and Bit Defender"
Description: "We came to know that the progress on by-passing Avira antivirus is going good and a new version will be released soon with the patch... as communicated earlier on skype etc that Norton and BitDefender also detects the trojan, we request to look in to this matter as well so that when you release the new version we get the support for these two anti-viruses too....\r\nwill be thankful... "
ProductID: 1
TypeID: 1
FileName: 0940E598
StatusNotification: 1
SupportComments: "The problem has been solved with the 4.20 release."
StatusID: 4
CustomerID: 32
Language: "en"
CreationDate: "2012-05-16 10:41:52"
LastUpdated: "2012-10-11 13:32:57"
2E97D056
TrackingID: "2E97D056"
Summary: "Detected by Avira Antivirus"
Description: "The infection is detectable by the Avira Antivirus on target machine. This happened in a scenario when the infection was created with features MASTER BOOT RECORD INFECTION and ACTIVE HIDING ON TARGET both disabled. The message from Avira specifies presence of a TR/DROPPER.GEN trojan in the infection.\r\n\r\nThis also happens when we are creating target. We have to disable antivirus installed on Agent to generate the infection. "
ProductID: 1
TypeID: 1
FileName: "2E97D056"
StatusNotification: 1
SupportComments: "The problem has been solved with the 4.20 release"
StatusID: 4
CustomerID: 32
Language: "en"
CreationDate: "2012-02-17 06:34:15"
LastUpdated: "2012-10-11 13:36:28"
52EA62A4
TrackingID: "52EA62A4"
Summary: "Customized Metadata selection of a trojan+Icon Changer"
Description: "Once we create a trojan, the metadata in the properties of the file show random association with another software. Currently, firefox, adobe etc are being used.\r\n\r\nIt is suggested that there should be option for us i.e. user to control the metadata properties of our choice. \r\n\r\nAn option of ICON CHANGER for .exe may also be added as a new feature which should not be much difficult but very helpful. "
ProductID: 1
TypeID: 5
FileName: "52EA62A4"
StatusNotification: 1
SupportComments: ""
StatusID: 2
CustomerID: 32
Language: "en"
CreationDate: "2013-01-23 10:08:50"
LastUpdated: "2013-01-28 10:10:21"
6149E7C3
TrackingID: "6149E7C3"
Summary: "The target limit is reduced to only 20"
Description: "As per the contract we have an allowance of 35 tagets in total on FinSpy. But for the last 2/3 weeks, we are limited to only 20 targets. Please see in to the issue so that we can do our operations in full. \r\n\r\nThank you."
ProductID: 1
TypeID: 2
FileName: "6149E7C3"
StatusNotification: 1
SupportComments: "A suitable mail has been sent."
StatusID: 4
CustomerID: 32
Language: "en"
CreationDate: "2011-05-07 14:15:17"
LastUpdated: "2012-05-08 14:32:32"
AD574382
TrackingID: "AD574382"
Summary: "problems"
Description: "this is khalid from paksitan as per telphonic conversation with martin you have to get live access of our server for debugging i tried to contact with mr holger he doesnt come online for last three days and contact on ur no but no response from ur germany number plz do necessary action to rectify we are in great trouble"
ProductID: 1
TypeID: 1
FileName: "AD574382"
StatusNotification: 1
SupportComments: "Dear Customer,
the problem has been solved during a usual Skype support chat.
The ticket will be closed.
Sincerely yours,
FinFisher Customer Support"
StatusID: 4
CustomerID: 32
Language: "en"
CreationDate: "2011-03-24 10:19:59"
LastUpdated: "2011-07-08 15:45:47"
"B1EA1F1E
TrackingID: "B1EA1F1E"
Summary: "The agent crashes when a target is opened"
Description: "When the agent is logged on it gives an error message ERROR READING CONFIGURATION FILE. The screenshot is attached alongwith.\r\n\r\nAfter that when we click on an online target, the agent crashes down with no error message. The agent is not working completely. Please update us as soon as possible."
ProductID: 1
TypeID: 1
FileName: "B1EA1F1E.png"
StatusNotification: 1
SupportComments: "Restarting the finspy_master process has fixed the problem"
StatusID: 4
CustomerID: 32
Language: "en"
CreationDate: "2011-05-16 06:12:25"
LastUpdated: "2011-06-01 10:15:31"
C93E6246
TrackingID: "C93E6246"
Summary: "Offline download managment and Incremental downloads"
Description: "We are happy that the feature of offline target configuration has been added already. It is working successfully at our side. Earlier we have requested another feature which is described below. \r\n\r\nWe would be pleased if Gamma can add a feature in which the agent be able to select files to download even when the target is offline and whenever the target comes online, those selected files may be downloaded without the interaction required from user. \r\n\r\nAlso presently, the downloading of files discontinues if there is a network disconnect error or any other error. That file has to be downloaded again from scratch. This is a real annoyance. We want that when the connection is lost between target and agent, the file download pauses automatically wherever it was and whenever the target comes online again, the download starts from the point where it paused. In this way a lot of effort and time can be saved. It is also useful for the files which are slightly bigger than usual. I call this feature incremental download. I hope Im correct in that. \r\n\r\nThank you"
ProductID: 1
TypeID: 5
FileName: "C93E6246"
StatusNotification: 1
SupportComments: ""
StatusID: 2
CustomerID: 32
Language: "en"
CreationDate: "2012-05-23 12:11:37"
LastUpdated: "2012-06-06 12:45:00"
D0C83082
TrackingID: "D0C83082"
Summary: "The drives of the infected target would not open"
Description: "After the targets have been infected, there have been some targets whose one or all of the drives remained locked with an error message :UNABLE TO OPEN THE DRIVE: However, after considerbale RnD on this bug, we have found out that the drives were not locked by any locking software like BitLocker etc. Please look in to the issue and resolve it asap so that the infected targets may be exploited at the best. \r\n\r\nThank you."
ProductID: 1
TypeID: 2
FileName: "D0C83082"
StatusNotification: 1
SupportComments: ""
StatusID: 2
CustomerID: 32
Language: "en"
CreationDate: "2011-04-14 10:18:09"
LastUpdated: "2011-07-22 15:36:35"
E37B2927
TrackingID: "E37B2927"
Summary: "The infection rate is practically zero percent"
Description: "Since the release of the new version i.e. 4.1 the trojan is unable to infect any target. There is absolutely no response from any of the targets we attacked. Plz look in to this matter as it is very serious one."
ProductID: 1
TypeID: 1
FileName: "E37B2927"
StatusNotification: 1
SupportComments: "The problem has been solved with the 4.20 release"
StatusID: 4
CustomerID: 32
Language: "en"
CreationDate: "2012-07-23 10:41:17"
LastUpdated: "2012-10-11 13:35:15"
F644B76C
TrackingID: "F644B76C"
Summary: "The FinSpy Server StartUp Error"
Description: "When the Server starts up, and when the line :STARTING MTA exim4: appears, the server sends a message which is as follows:-\r\n\r\nALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken failed! \r\n\r\nPlease tell us why this message appears now when earlier it was not there and what impact it can have on the server?\r\nThank you"
ProductID: 1
TypeID: 3
FileName: "F644B76C"
StatusNotification: 1
SupportComments: ""
StatusID: 2
CustomerID: 32
Language: "en"
CreationDate: "2011-05-12 10:53:07"
LastUpdated: "2011-07-22 15:35:44"
