Espionage 1.0
Released 22 years, 10 months ago. January 2002
Copyright © MegaSecurity
By erebus
Informations
| Author | erebus |
| Family | Espionage |
| Category | Remote Access |
| Version | Espionage 1.0 |
| Released Date | Jan 2002, 22 years, 10 months ago. |
| Language | Visual Basic, compressed with ASPack |
Additional Information
Server:
c:\WINDOWS\SYSTEM\winsvchost.exe
size: 26.624 bytes
port: 81 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Win SVC Host"
Added:
HKEY_CLASSES_ROOT\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}
Author Information / Description
Espionage is a trojan http server. it was created on an xp box with visual basic.
(it will run on all versions of windows)
trojan runs on port81 and is controlled through browser.
To access the server after infection
simply bring up http://server's ip:81 in your browser.
what is so different about espionage?
Espionage has the ability to close antivirus's on windows 95/98/NT/2k/XP,
including mcaffee and norton. also, on NT/2k/XP, the system task manager is disabled.
Registry editor and msconfig are also disabled along with many other
anti virus and firewall applications.
What else can espionage besides serve files via browser/http?
Espionage has the ability to view screen, view pc camera, view pc info,
erebusIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.