Very impressive. Targets like Kenya, Afghan etc. so def NSA op.

(http://www.autoadmit.com/thread.php?thread_id=3920865&forum_id=1024#35622681)

The most sophisticated module is GollumApp. This contains nearly 1,500 user-code functions and provides most of the above described routines for persistence, file system control and C&C communications.

Canhadr, also known as NDriver, contains low-level routines for network, IO operations and so on. Its kernel-mode program is able to execute malicious code without crashing the whole file system or causing Blue Screen - a remarkable achievement. Written in pure C language, Canhadr/Ndriver provides full access to the hard drive and operating memory despite device security restrictions, and carries out integrity control of various system components to avoid debugging and security detection.

(http://www.autoadmit.com/thread.php?thread_id=3920865&forum_id=1024#35627900)