Troya 1.32

Released 19 years ago. December 2005

Copyright © MegaSecurity

By Mohammad


Troya 1.32
Informations
From Iran
Author Mohammad
Family Troya
Category Remote Access
Version Troya 1.32
Released Date Dec 2005, 19 years ago.
Language Delphi, compressed with PECompact
Additional Information
Server:
dropped files:
c:\WINDOWS\WinLoaderXP.exe            Size: 275,456 bytes 
c:\WINDOWS\system32\explorer64.exe    Size: 11,264 bytes 

port: 800 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "GenericHostXP"
data: C:\WINDOWS\WinLoaderXP.exe 
	
	

tested on Windows XP
March 04, 2006

Author Information / Description
Troya is a WebRAT (Web Remote Access Tool)    
It uses Internet Explorer to connect to Remote PC.
For Example: http://217.218.10.16/		    
Coded by: Borland Delphi 6.0		    
Released in: Dec. 2005		
	
Mohammad

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.