Toquito Bandito 1.1
Released 20 years, 8 months ago. March 2004
Copyright © MegaSecurity
By stm
Informations
Author | stm |
Family | Toquito Bandito |
Category | Remote Access |
Version | Toquito Bandito 1.1 |
Released Date | Mar 2004, 20 years, 8 months ago. |
Language | Delphi |
Additional Information
Server:
dropped file:
c:\WINDOWS\winhost32.exe
size: 20.480 bytes
size: 19.456 bytes
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{tv9381D8F2-0288-11D0-9501-00AA00B911A5} "StubPath"
Author Information / Description
Features:
--FWB (inject to explorer.exe), Melt, ActiveX startup, and install to win dir options.
--Aim Spy
--webcam and screen capture
--Offline Keylogger
--File, Task (with send keys), Process, and Registry managers
--computer info
--webdownload
--Broadcast commands: uninstall, close, reset, webdownload, upload.
Fixes in 1.1:
--added: PHP notify (ParaSite support!)
--added: a few new stuff in comp info
--added: uninstall melts the server and dlls
--lil Client visual tweeks
--client crash problems fixed (i hope)
--server injection problems fixed
--activex problems fixed
--other bugs i forgot about...
stm
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.