by Muharremoğlu
Written in Delphi, compressed with UPX
Released in May 2004
Commands: ADDREG BEEP CAPTURE // ScreenShot CDROM CLIPBOARDLOG DOWNLOADFROMNET EXPORTREG EXEC EXECHIDE GETCACHEDPASS HIDETASKBAR ICQPASS2003 IMPORTREG KEYBOARDLOCK KILL LOG // KeyLogger MAXCLIENTS MSJ // Chat MSJOFF PROCLIST PLAYWAV RAS // Dial-Up S,ifreleri READREG RESTARTSERVER REMOVESERVER SEARCH SENDERROR SETUSERNAME SETPASSWORD SETPORT SETURL SETHOMEDIR SETRUNDIR SENDKEYS SENDLOG SERVERINFO SERVERHELP SENDMSG SHUTDOWN SHOWTASKBAR SNDRECORD SYSINFO UPDATESERVER URLHISTORY WEBCAM WEBPAGE VICTIM Muharremoğlu Server: dropped files: c:\WINDOWS\cliplog size: 1.655 bytes c:\WINDOWS\log size: 0 bytes c:\WINDOWS\SYSTEM\ctrlsys.exe size: 364.072 bytes c:\WINDOWS\SYSTEM\loadqm\ClipLogged size: 1.655 bytes c:\WINDOWS\SYSTEM\loadqm\Logged size: 0 bytes port: 666 TCP added to registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "ICQNet" data: C:\WINDOWS\System\CTRLSYS.EXE HKEY_LOCAL_MACHINE\Software\SpyMasterSnakeMegaSecurity