MAYA PWS 1.1
Released 19 years ago. November 2005
Copyright © MegaSecurity
By Princeali
Informations
| Author | Princeali |
| Family | MAYA PWS |
| Category | Information Stealer |
| Version | MAYA PWS 1.1 |
| Released Date | Nov 2005, 19 years ago. |
| Language | Delphi, compressed with UPX |
Additional Information
Server:
dropped file:
c:\WINDOWS\maya.exe Size: 65,033 bytes
c:\WINDOWS\sqlserver.dll Size: 47,616 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Maya "StubPath"
data: C:\WINDOWS\maya.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Maya"
data: C:\WINDOWS\maya.exe
tested on Windows XP
December 03, 2005
Author Information / Description
After noticing the first version had many requests and usage , I decided remaking it from scratch.
Making it log more passes uses new methods , less resources , and better firewall bypass technique next to a very clear log.
You would notice in your logs the following chars [M] its uses to separate the usernames from the passwords unlike older Maya version the logs were not so organized and had some problems.
Also I though making the log HTML Colored would be clearer for the user and so on.
You will also Notice some words between 2 [P] this happens when the user paste his username or password using CTRL+V Maya will also Catch it.
PHP script was replaced too now items are logged clearly for each user in Tables , FTP Delivery Method was removed and Replaced by Email , and I have decided to add a Local delivery method (C:\maya.html)
Also Maya is able to get the IE visited URL and more ,i also Updated the Firewall bypassing technique into FWB#++, so Basically Older Maya users will notice a big difference
PrincealiIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.