.: CyberSpy 8.0 (built 8.2.2) :.
Released 20 years ago. Nov 2001By Ghirai
- From: Visual Basic
- Coded by: Ghirai
- Version: CyberSpy 8.0 (built 8.2.2)
- Released date: Nov 2001, 20 years ago.
- Family: CyberSpy
- Category: Remote Access
Server: dropped file: c:\WINDOWS\SYSTEM\MSGSVR16.EXE.exe size: 55.156 bytes port: 200 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Msgrv16" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Msgrv16" c:\windows\system.ini, [boot] "shell" added: c:\WINDOWS\winstart.bat
CyberSpy v8.0 built 8.2.2 Telnet Release <<Documentation>> INTRODUCTION -CS 1.8 is a Telnet-based trojan; it means that you don't need any client to connect, you just use your favourite terminal. TECHINICAL INFO -it's written in VB6 and uses winsock, so if you get an error running the file, you can find the runtimes on the site(most of the people have these files) -the server listens on PORT 200 for a connection, therefore set the remote port in your terminal to 200. -it has a total of about 47 commands; to see a list of the commands, type "help", and to see what a command does, type "help command" (without the quotation marks); it's very simple to use... -the commands are listed alphabetically, so you can find what you need quicker -no need to list the commands here, you'll see them when you type help... -the size of the server should be 53,8KB, you can rename it to anything you want, just leave a exe extension. -it supports multiple clients TIP -when connecting to someone, first thing you should do is get the passwords, by typing "passwords". Ghirai
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at email@example.com, thank you in advance.