CAFEiNi 0.8 (a)
(Backdoor.Win32.Cafeini.08.a)

by Brain Storm [Electronic Souls]

Written in Visual C++, compressed with UPX

Released in March 2000

Made in Poland

more versions


VERSION 0.8 (02.03.2000)
-first public release

1.Why CAFEiNi is better than other
   backdoors (like NetBus):
-can kill more than 20 Windows antiviruses from memory
-doesn't installs itself into registry (when can)
-written in Visual C++ (smaller and faster than Delphi)
-you can control remote computer by telnet (eg. from Unix)
-works on Windows 95/98 and also Windows NT/2000
-with CAFEiNiclient you can control multiple computers (eg. open CD-ROM doors on 10 computers with one button click)
-full multitasking (eg. you can upload and download files in one time from multiple computers)
-some new backdoors commands (especially with desktop)
 
Brain Storm


Server:
dropped file:
c:\Documents and Settings\%User%\Kofohet.exe
size: 122.880 bytes
 
port: 51966, 1210 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Kofohet"
data: C:\Documents and Settings\%User%\Kofohet.exe 

tested on Windows XP

MegaSecurity