Tequila Bandita 1.3b1 - Malware Gallery

Informations

Author	stm
Family	Toquito Bandito
Category	Remote Access
Version	Tequila Bandita 1.3b1
Released Date	Jan 2005, 19 years, 8 months ago.
Language	Delphi

Additional Information

Server:
dropped file:
c:\WINDOWS\winhost32.exe
size: 18,432 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ActiveX Key "StubPath"
data: C:\WINDOWS\winhost32.exe



tested on Windows XP
January 29, 2005

Author Information / Description

PLUGINS:
Plugs folder includs server and client side plugins.
Upload the server side plugin into the server's windows directory
Load the client side plugin on the server window and you're set.

-----------------------------------------------------------------------

For Next Version:
-- <archphase> the Tb file search is like moronic, it needs to be as its found send it
-- download manager dont get subdirs
-- encrypted transfers
-- socks5 plugin

Changes in 1.3b1
Fixed: 
- -AIM spy get windows bug
- -keylogger bug (bwuwgw)
- -multiple client crashes
Changes:
- -server connections are more organized for stability (code wise)
- -"close server window first." messagebox now unnecsssisicassary
- -can now open more than one server window on the same server (multi-task/threaded)
- -plugin system changed (barely)
- -injection server switched from elirt to drocon's RT32 lib (drocon owns us all from now on)
- -gui tweaks
- -made the remote shell 9 million (estimated) times faster
Additions:
- -Auto-Refresh lists after commands option (refresh dir after upload, refresh tasks after close, etc.)
- -transfer queue
- -download folders
- -downloads files in seperate server folders
- -check if online server _option_ (server connects only if it detects an internet connection)
- -Displays all server settings in computer info
- -Browse Network Share Directly (go to shares in file manager on click)
- -Go To Dir in File Search
- -kb/s display
- -user display in main listview


stm