I Feel Lucky I Feel Very Lucky

Fearless Keyspy 2.0

Released 21 years, 1 month ago. September 2003

Copyright © MegaSecurity

By Ghirai

Fearless Keyspy 2.0
Informations
Author Ghirai
Family Fearless
Category Information Stealer
Version Fearless Keyspy 2.0
Released Date Sep 2003, 21 years, 1 month ago.
Additional Information 
Server:
dropped file:
c:\WINDOWS\SYSTEM\fks2.0_server.exe 

size: 2.624 bytes 

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "FKS v2.0"

Author Information / Description 
v2.0

-> server is now 100% assembly, reaching 2.5 KB packed
-> buffer no longer gets lost when victim's box crashes/suddenly reboots/etc.
-> added a "get and execute" feature (see readme)
-> fixed a bug in the editor, that existed in all previous versions
-> some GUI tweaks
-> "remove file" now gets deleted after server remove
-> some features i didn't consider being neccessary were removed

Description:

FKS is a keylogger, that will upload the logs to the root folder of a ftp server you specify,
when the log reaches a certain size. It will start everytime with windows.
It will log *all* keys, and the window caption (between >>> <<< chars,
like ">>> Yahoo! Mail - Microsoft Internet Explorer <<<") they were typed in.
Date and time when system starts/stops will also be logged.
The logs will be uploaded with the name "FKSlog_[time].log", like FKSlog_10-23-15.log
(10 o'clock, 23 mins and 15 secs).
When reading the log, "<RET>" means enter (return), "<BS>" is backspace,
"<ESC>" is escape, "<TAB>" is the tab key, "<DEL>" is the delete key.
Compatible with 9*/Me/2K/XP.

Configuring the server:

It should be easy to set up if you ever used a trojan before; run FKS.exe.

First, the server options tab:
-> In the "Server Name" field, enter a new for the server after installation, 
something unsuspicious would be better (use your imagination).
Note that if you specify a filanem that exists on the host computer(in the sys dir), it will be overwritten!
-> The Registry Key field: same as above, enter something "normal" ;)

The Logging Option tab:
-> The ftp address fileld: enter the hostanme of your ftp server, like "ftp.myhost.com", 
    or "myhost.com". You should know that... The server will connect to port 21 (default for ftp).
-> Ftp username: type in your username
-> ftp password: enter your ftp password
-> "When log gets..." filed: the size of the logfile when it sould get uploaded;
 you have to think here a little, depending on what you're after: if you want a quick log,
  enter a small filesize (5-10000 bytes). If not, 500000 bytes (50KB) should be ok.
  Note that some ftp servers have a size limit, but that's your problem.
-> Logfile name fileld: enter a filename, any extension, or no extension, etc.
 Note that you shouldn't type system filenames, cause they will get overwritten...

That's it, hit "Build Server", and you're done. The editor will make a "server.exe" file, 
in the patch where you have the editor. DON'T compress/encrypt or otherwise tamper with the server file!
Now all you have to do is make your victim run "server.exe"...

Ghirai

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.