.: MadCow 0.1.1 :.
Released 15 years, 3 months ago. Aug 2006By ZeroByte
- Coded by: ZeroByte
- Version: MadCow 0.1.1
- Released date: Aug 2006, 15 years, 3 months ago.
- Family: MadCow 0.1.1
- Category: Remote Access
dropped files: c:\WINDOWS\winsys.exe Size: 439,808 bytes c:\WINDOWS\system32\drivers\win32ctrl.cpl Size: 396,800 bytes port: 5431 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "win32ctrl" data: control.exe C:\Windows\system32\drivers\win32ctrl.cpl tested on Windows XP November 17, 2006
MadCow is a stealth trojan for Windows 2000/XP/2003. It's a win32 controlpanel-applet (.cpl) file, that hides itself in the system service 'svchost.exe' so it can't be closed. Instructions: 1) Install the Madcow trojan on the victims computer using the included installer. 2) At your own computer open a telnet connection to the victim on port 579. Now you just see a blank screen... Now type: "letmein" and press return. 3) You should now see the text "/$". Now you can type in your command. (see list of commands). Have fun >:] Commands: ps = Process list. This shows you a list of all the open programs on the victims computer. kill = Kills a process. Use like: "kill 3519". (Hint: To shutdown the computer kill 'winlogon'). cmd = Opens a command prompt with admin rights, so you can do almost everything you want on the victims computer. uninstall = Disables madcow autorun function. exit = Exit MadCow.
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at email@example.com, thank you in advance.