Espionage 1.1
Released 22 years, 9 months ago. December 2001
Copyright © MegaSecurity
By erebus
Informations
| Author | erebus |
| Family | Espionage |
| Category | Remote Access |
| Version | Espionage 1.1 |
| Released Date | Dec 2001, 22 years, 9 months ago. |
| Language | Visual Basic, compressed with ASPack |
Additional Information
Server:
C:\WINDOWS\SYSTEM\winsvchost.exe
size: 23.552 bytes
port: 81 TCP
startup:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run "Win SVC Host"
Added:
C:\WINDOWS\SYSTEM\cap.exe
Author Information / Description
Espionage is a trojan http server. it was created on an xp box with visual basic.
(it will run on all versions of windows)
trojan runs on port81 and is controlled through browser.
To access the server after infection
simply bring up http://server's ip:81 in your browser.
what is so different about espionage?
Espionage has the ability to close antivirus's on windows 95/98/NT/2k/XP,
including mcaffee and norton. also, on NT/2k/XP, the system task manager is disabled.
Registry editor and msconfig are also disabled along with many other
anti virus and firewall applications.
What else can espionage besides serve files via browser/http?
Espionage has the ability to view screen, view pc camera, view pc info,
erebusIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.