Blue Bot 2.0
Released 20 years, 10 months ago. October 2004
Copyright © MegaSecurity
By b1ackh0le
Informations
| Author | b1ackh0le |
| Family | Blue Eye |
| Category | Remote Access |
| Version | Blue Bot 2.0 |
| Released Date | Oct 2004, 20 years, 10 months ago. |
| Language | Microsoft Visual C++ |
Additional Information
Server:
dropped files:
c:\WINDOWS\system32\mscidaemon.com size: 28.056 bytes
c:\WINDOWS\system32\mscidaemon.dll size: 20.992 bytes
c:\WINDOWS\system32\mscidaemon.exe size: 28.056 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{L9IW2QB23-CD-EDF-2-22d2-9CBD-00WSFS8AR6-9QER21QAJPM} "StubPath"
data: C:\WINDOWS\System32\mscidaemon.com
tested on Windows XP
Author Information / Description
Blue Eye IRC Bot V 2.0
---------------------------
Features
----------------
1)No Process Visible inject into explorer.exe and exiting the parent
2)Active Setup Startup
3)Custom packeting syn,udp,ping ddos
4)Sniffer for finding FTP,other botnets passwords
5)socks 4 Server
6) Protucted storage,cashed passwords
Commands
`hl password -- Login to bots
`lo - logout
`who -will display the current loged users
`kall - kills all threads ,the syn or irc flood threads
`r -restart the bot
`c_qall -quit all irc clones
`s -status of bot
`t - Threds lists
`pass -display all passes including PS,cashed
`lgs -display the loged urls that r trying to hack our bots
`ni - network info ,ip and stuff
`si -system info os ,ie and other stuff
`s0ksstop -stop socks server
`s0ks port -start socks server
`j #chanel -will join the chanel in same server
`k threadno - kill that thred
`v - visits the url invisibliy
`mom - chaneg the mode
`syn - send syn packet to that ip
`u - send udp packet
`pi -send ping packet
`emb -send email bomb
Useage , Open the editor create the bot exe
b1ackh0leIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.