Archive Helmet Icon Archive A Reconstructed © MegaSecurity Database

I Feel Lucky I Feel Very Lucky

Kernel32

Copyright © MegaSecurity

By PhotoPaul

Kernel32
Informations
Author PhotoPaul
Family Kernel32
Category Remote Access
Version Kernel32
Language Win32Asm
Additional Information
Server:
dropped file:
c:\WINDOWS\KERNEL32.EXE
size: 8,224 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Kernel"
data: C:\WINDOWS\KERNEL32.EXE 




tested on Windows XP
November 29, 2006

Author Information / Description
How to use it:
1) Run the Client
2) Enter your victim's IP (you can get it in many ways e.g. in mIRC type "/dns NickName" where NickName is your victim's nick) or HOST (e.g. photopaul.mshome.net)
3) Then click Connect (and here comes the fun :-)

When connected you can send the following commands which MUST be lowercase:
a) msgb???|???
Displays a MessageBox on your victim's screen
	Type the MessageBox's title, where the first ??? are
	Type the MessageBox's main message, where the second ??? are
b) close
Terminates the server for the current session
	You can't re-connect until the victim's PC is restarted
c) boot
Shuts Down the victim's PC
	You can't use it if you have first used the "close" command :-P
d) runa?????[ ?????]
Runs an application on your victim's PC
	Full command line support
	(e.g. "runac:\win98\notepad.exe win.ini")
e) pass
Retrieves Cached Passwords
	MessageBoxes appear on your screen containing your victim's Cached Passwords
	If something goes wrong, a txt containing the password will be created in Client's path
	
PhotoPaul

This archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.