.: Genie 1.1 :.
Released 15 years, 8 months ago. Feb 2006By prncipia
- Coded by: prncipia
- Version: Genie 1.1
- Released date: Feb 2006, 15 years, 8 months ago.
- Family: Genie
- Category: Remote Access
dropped files: c:\WINDOWS\cagent.exe Size: 15,486 bytes c:\WINDOWS\system32\regmont.exe Size: 15,486 bytes startup: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "Run" data: C:\WINDOWS\cagent.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "RegMon" data: C:\WINDOWS\System32\regmont.exe tested on Windows XP March 19, 2006
Genie v1.1 , for Windows 98/NT/XP,build 01-02-2006 Code by prncipia Genie is a simple Telnet backdoor program. -When Gene.exe executed, it opens port on 1179. -Creates a copy of itself as %System%\regmont.exe and %windir%\cagent.exe -And adds the follow values in the registry to be executed each time Windows starts. "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run" "RegMon" = " %System%\regmont.exe" "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows" "Run" = "%windir%\cagent.exe" Genie commands: Exit Close current connection. Reset Reboot windows. Vshutdown Shutdown the virus. Now to conect to remote host you have to type Telnet "targets_ip" 1179 then type "hello" to activate the program. And the last step is to ask you for the password and by default password is "katerina". That's it. I accept email from any user with comments or bug fixes. Note: This is version 1.1 so the are bugs, incompatabilities with various flavors of windows and other anomolies ! But if you want something better write it yourself. Oh and send me a copy..!! Of course this program is untraceable from any antivirus .......except firewalls. prncipia
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at firstname.lastname@example.org, thank you in advance.