CyberSpy 8.2 (built 8.4.7) v1
Released 23 years, 1 month ago. November 2001
Copyright © MegaSecurity
By Ghirai
Informations
From | Visual Basic |
Author | Ghirai |
Family | CyberSpy |
Category | Remote Access |
Version | CyberSpy 8.2 (built 8.4.7) v1 |
Released Date | Nov 2001, 23 years, 1 month ago. |
Additional Information
Server:
dropped file:
C:\WINDOWS\SYSTEM\MSGSVR16.EXE
size: 55.668 bytes
port: 14194 TCP
startup:
HKEY_CURRENT_USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run "Enable"
HKEY_CURRENT_USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run "Parameters"
HKEY_CURRENT_USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run "Path"
HKEY_CURRENT_USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run "Startup"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Msgrv16"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Msgrv16"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Msgrv16"
c:\windows\system.ini, [boot] "shell"
Author Information / Description
<<[ CyberSpy v8.2 built 8.4.7 Telnet Release (c)oded by Ghirai ]>>
<<Documentation>>
INTRODUCTION
-CS 8.2 is a Telnet-based trojan; it means that you don't need any client to connect,
you just use your favourite terminal.
BUGFIXES
Better start-up and remove methods, now server melts on run.
TECHINICAL INFO
-it's written in VB6 and uses winsock, so if you get an error running the file, you
can find the runtimes on the site(most of the people have these files)
-the server listens on PORT 14194 for a connection, therefore set the remote port in your
terminal to 14194.
-it has a total of about 47 commands; to see a list of the commands, type "help", and to see what a
command does, type "help command" (without the quotation marks); it's very simple to use...
-the commands are listed alphabetically, so you can find what you need quicker
-no need to list the commands here, you'll see them when you type help...
-the size of the server should be about 54,4KB, you can rename it to anything you want,
just leave an exe extension.
-it supports multiple clients
TIP
-when connecting to someone, first thing you should do is get the passwords, by typing "passwords".
CONTACT INFO
-If you find any bugs, or have any suggestions,
or questions (PLEASE READ THIS FILE BEFORE ASKING QUESTIONS), don't hesitate to contact me.
-On the site you'll find a forum; you'll find support there...
'greets, Ghirai.
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.