Medusa is a DDoS bot written in .NET 2.0. In its current incarnation its C&C protocol is based on HTTP, while its predecessor made use of IRC.
AES-256 encryption with RSA key wrapping
Deletes shadow copies via vssadmin and wmic
Stops security and backup services
Brute-forces RDP for initial access
Uses purchased or brute-forced credentials