Archive A Reconstructed © MegaSecurity Database
PassWord Ripper
Released 21 years, 4 months ago. December 2004
Copyright © MegaSecurity
By (v)aster
Informations
| Author | (v)aster |
| Family | PassWord Ripper |
| Category | Information Stealer |
| Version | PassWord Ripper |
| Released Date | Dec 2004, 21 years, 4 months ago. |
| Language | Delphi, Source included |
Additional Information
Server:
dropped file:
c:\WINDOWS\WinDialog32.exe
size: 50,176 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "WinDialog"
data: C:\WINDOWS\WinDialog32.exe
tested on Windows XP
February 19, 2005
Author Information / Description
The Password Ripper ripps passwords from
ICQ 2003b, InternetExplorer\Outlook
and Cached Passwords from Windows 9x\ME
Firewall bypass
--------------------------------------------
Server is not Packed with any packer, so you can use some Packers
Settings are Crypted in Server, so that noone can read them ;)
You can select which passwords you want to be uploaded
to your FTP Server [ Server Size will not be changed ! ]
You can select if you want that the Server load everytime Windows start.
Server without Firewall bypass is ~49kb not packed
Server with Firewall bypass is ~80kb not packed
Firewall bypass:
if you select iexplore.exe then its inject into iexplore.exe
and its use iexplore service for uploading,
if you select firefox.exe then its inject into firefox.exe
and its use firefox service for uploading, same with opera
just when you don't use injecting then its use iexplore as service
for uploading :D
Injecting works on Win9x\ME\XP fine
--------------------------------------------
1. You need to get FTP Server
2. Add your Settings into the Builder, and click Build. [ You need write-rights on ftp ]
3. Send your Victim :D
4. Connect to your FTP Server, Login, check if file* is there, download file
* = File is in the Root folder of the FTP Server
--------------------------------------------
cya (v)asterThis archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.