Archive A Reconstructed © MegaSecurity Database

• a
• b
• c
• d
• e
• f
• g
• h
• i
• j
• k
• l
• m
• n
• o
• p
• q
• r
• s
• t
• u
• v
• w
• x
• y
• z
• other

Server:
dropped files:
c:\WINNT\system32\desktop.jpg size: 63.815 bytes 
c:\WINNT\system32\jpg.dll     size: 95.744 bytes 
c:\WINNT\system32\log32.exe   size: 65.536 bytes 

port: 123, 80 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Microsoft"
data: log32.exe

Keylogger

Very simple to use:

* Keylogger
must connect to server

* Screen capture
Just run the program in the server side, then you can access the computer remotely using  your web browser (Internet explorer) and the Ip Address (even if the client is not connected).

  eg:
http://127.0.0.1/


to refresh the image:
http://127.0.0.1/desktop

note: 127.0.0.1 is your local Ip  address (to test locally) you have to get the remote IP address where the server is running.

Exhumed

This archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.