Archive A Reconstructed © MegaSecurity Database
Blue Bot 2.0
Released 21 years, 6 months ago. October 2004
Copyright © MegaSecurity
By b1ackh0le
Informations
| Author | b1ackh0le |
| Family | Blue Eye |
| Category | Remote Access |
| Version | Blue Bot 2.0 |
| Released Date | Oct 2004, 21 years, 6 months ago. |
| Language | Microsoft Visual C++ |
Additional Information
Server:
dropped files:
c:\WINDOWS\system32\mscidaemon.com size: 28.056 bytes
c:\WINDOWS\system32\mscidaemon.dll size: 20.992 bytes
c:\WINDOWS\system32\mscidaemon.exe size: 28.056 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{L9IW2QB23-CD-EDF-2-22d2-9CBD-00WSFS8AR6-9QER21QAJPM} "StubPath"
data: C:\WINDOWS\System32\mscidaemon.com
tested on Windows XP
Author Information / Description
Blue Eye IRC Bot V 2.0
---------------------------
Features
----------------
1)No Process Visible inject into explorer.exe and exiting the parent
2)Active Setup Startup
3)Custom packeting syn,udp,ping ddos
4)Sniffer for finding FTP,other botnets passwords
5)socks 4 Server
6) Protucted storage,cashed passwords
Commands
`hl password -- Login to bots
`lo - logout
`who -will display the current loged users
`kall - kills all threads ,the syn or irc flood threads
`r -restart the bot
`c_qall -quit all irc clones
`s -status of bot
`t - Threds lists
`pass -display all passes including PS,cashed
`lgs -display the loged urls that r trying to hack our bots
`ni - network info ,ip and stuff
`si -system info os ,ie and other stuff
`s0ksstop -stop socks server
`s0ks port -start socks server
`j #chanel -will join the chanel in same server
`k threadno - kill that thred
`v - visits the url invisibliy
`mom - chaneg the mode
`syn - send syn packet to that ip
`u - send udp packet
`pi -send ping packet
`emb -send email bomb
Useage , Open the editor create the bot exe
b1ackh0leThis archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.