Archive Helmet Icon Archive A Reconstructed © MegaSecurity Database

I Feel Lucky I Feel Very Lucky

Cold Fusion 1.0

Released 23 years, 4 months ago. December 2002

Copyright © MegaSecurity

By Satan_addict, Flippmode, Read101, Trade Mark

Informations
Author Satan_addict, Flippmode, Read101, Trade Mark
Family Cold Fusion
Category Remote Access
Version Cold Fusion 1.0
Released Date Dec 2002, 23 years, 4 months ago.
Language Delphi
Additional Information
Server:
c:\WINDOWS\navapw16.exe 

size: 94.720 bytes 

port: 4000 TCP

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "navapw16.exe"

Author Information / Description
COLD FUSION v1.00

Features:
========
-FWB (injects to explorer.exe)
-invisible in taskmanager
-Victim info
-Reboot/shutdown
-Webcam capture(plugin)
-Screen Capture(plugin)
-Mouse clicks (right and left)
-Process Manager
-FileManager
-Melt server
-AV/FW killer at at startup (plugin)
-ICQ and CGI notification

CODERS:
======
Satan_addict, Flippmode, Read101, Trade Mark


Files:
------
*Client.exe
*Editor.exe
*installer.exe        
*sysk.dll
*syscpt.dll
*readme1st.txt
(all files binded with upx)

PLUGINS INSTRUCTIONS:
---------------------
send all plugins to windows folder.
The syscpt.dll allows you yo capture both screen and webcam images.
The sysk.dll will be injected into explorer.exe and will kill all FWs and AVs. 
It will repeat the killing process every 2 minutes (It also kills windows services).

BINDING THE SYSK.DLL:
---------------------
You can bind the sysk.dll plugin but remember allways to unpack it to the windows folder!
The server sees if the dll is there and if it is, it runs it. 
                                                                             

Have fun,           
-Satan_addict

This archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.