Threat Spotlight: The Andromeda Botnet

The Andromeda botnet, also known as Gamarue or Wauchos, was first introduced to the public in 2011 and was used to distribute large quantities of malware. According to Microsoft, the Andromeda botnet was used to spread more than 80 malware families, including ransomware, worms, and more.

Andromeda is modular malware, meaning additional components can be purchased to provide extra functionality. The standard kit retails for around $300-$500, but the price varies with the builder version and any additional modules purchased. The builder comes in five versions: 2.06, 2.07, 2.08, 2.09 and 2.10. There is not much information on versions prior to 2.06.

For this blog, analysis will focus on the version 2.06 builder, the cracked version by OldWarrior.

Source: Blackberry Cylance