AutoSpY 1.2
Copyright © MegaSecurity
By Case
Informations
Author | Case |
Family | AutoSpY |
Category | Remote Access |
Version | AutoSpY 1.2 |
Language | Visual Basic |
Additional Information
Server:
dropped files:
c:\WINDOWS\SYSTEM\MsKernel32.exe
c:\WINDOWS\MsKernel32.exe
size: 156 KB
port: 7274 TCP
startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
Author Information / Description
AutoSpY---------
General Info
AutoSpY release 1.2 (with nice new features to it) By: Case
AutoSpY.exe - Client used to connect to remote Destination
Server.exe - Server that Sends and Recieves Data and String Recognition
Cleanit.exe - this file is a trojan cleaner, only for autospy,
lets say you axidentally ran server.exe on your own system, thers no need to be panic,
this will get rid of autospy port connection,
deletes the trojan and removes it off the registry., unlike other trojans dont come with
Utilities included such as: Credit Card Generator, and AutoDial
Command Help
Kill - deletes what ever file you chose to delete. ex. (kill C:\windows\win.ini)
Deltree - deletes folder. ex. deltree C:\windows
systemtime - Get system time
showimage - shows a image file ex. showimage C:\mypic.jpg
webpage - opens url. ex. webpage www.yahoo.com
startapp - starts application. ex. startapp C:\autoexec.bat
spread - spreads this backdoor throughout network(has bugs and will be fixed soon)
msgbox - shows message. ex. msgbox you suck
msgbox16 - shows fatal error message. ex. msgbox16 windows corrupted
msgbox48 - shows Warning message. ex. msgbox48 I will kill you
cdopen - opens cdrom
msgloop - unlimited error messages. ex. msgloop I will never stop
lockscreen - locks screen
userinput - users input
unlockscreen - unlocks the screen
view - views file. ex. view C:\mysecrets.txt"
hangup - disconnects users internet
close - server closes
beepdead - unlimited computer beeping
beep - computer beeps
bview - views files
taskhide - hides taskbar
taskshow - shows taskbar
LockWorkStaion - locks workstation
FatalAppExit - fatal app exit
FatalExit - fatal win exit
terminate - exit windows
mkdir - creates folder in C:\you_suck
frmauto - Turns the screen black and in the middle in green letters displays "AutoSpY Has You......"
keyboardscrew - This replaces the keyboard keys. ex. if you press x it will type q instead.
swap - this revearses the mouse buttons
ping - pings a search engines ip, I'm not saying wich
Sound - this plays the tada sound
sysrename - this renames notepad.exe to note.com and 5 other system files
GetTickCount - this gives you how much time spend on the computer
info - this gives you the complete info, all the registries
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.