I Feel Lucky I Feel Very Lucky

Troya 1.0

Released 19 years, 11 months ago. December 2004

Copyright © MegaSecurity

By Mohammad

Troya 1.0
Informations
From Iran
Author Mohammad
Family Troya
Category Remote Access
Version Troya 1.0
Released Date Dec 2004, 19 years, 11 months ago.
Language Delphi, compressed with PECompact
Additional Information 
Server:
dropped files:
c:\WINDOWS\WinLoaderXP.exe    Size: 268,288 bytes 
c:\WINDOWS\system32\explorer64.exe                           size: 6,144 bytes 
c:\WINDOWS\system32\oobe\html\404.htm                        size: 595 bytes 
c:\WINDOWS\system32\oobe\html\Capture_Settings.htm           size: 1,148 bytes 
c:\WINDOWS\system32\oobe\html\file_manager.htm               size: 675 bytes 
c:\WINDOWS\system32\oobe\html\Files.htm                      size: 546 bytes 
c:\WINDOWS\system32\oobe\html\Header.htm                     size: 2,550 bytes 
c:\WINDOWS\system32\oobe\html\Index.htm                      size: 2,020 bytes 
c:\WINDOWS\system32\oobe\html\Index1.htm                     size: 325 bytes 
c:\WINDOWS\system32\oobe\html\Internal_Error.htm             size: 509 bytes 
c:\WINDOWS\system32\oobe\html\NotReady.htm                   size: 718 bytes 
c:\WINDOWS\system32\oobe\html\Process_Manager.htm            size: 1,176 bytes 
c:\WINDOWS\system32\oobe\html\s.css                          size: 1,254 bytes 
c:\WINDOWS\system32\oobe\html\Screen_Resolution_Manager.htm  size: 875 bytes 
c:\WINDOWS\system32\oobe\html\Top.htm                        size: 1,212 bytes 
c:\WINDOWS\system32\oobe\html\Window_Manager.htm             size: 1,820 bytes 

port: 800 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "GenericHostXP"
data: C:\WINDOWS\WinLoaderXP.exe 


tested on Windows XP
January 04, 2005

Author Information / Description 
============	About Program========================
	| Troya is a WebRAT (Web Remote Access Tool)        |
	| It uses Internet Explorer to connect to Remote PC.|
	| For Example: http://217.218.10.16/	    	    |
	| Coded by: Borland Delphi 6.0                      |
	| Released in: Dec. 2004                            |
	=====================================================
	
	=============About Author============
	|   Name: Mohammad                  |
	|   Location: Iran - Tehran         |
	|   Age: 19                         |
	=====================================

v1.02 (Version 1.0 - BugFix 2)
Last Updated: 2004/12/11

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.