Archive A Reconstructed © MegaSecurity Database

• a
• b
• c
• d
• e
• f
• g
• h
• i
• j
• k
• l
• m
• n
• o
• p
• q
• r
• s
• t
• u
• v
• w
• x
• y
• z
• other

Previous Next

Server:
dropped file:
c:\WINNT\winhost32.exe

size: 18.432 bytes (UPX compressed)
 
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ActiveX Key "StubPath"
data: C:\WINNT\winhost32.exe
	
tested on win2000

Changes in 1.2 beta 2:
Fixed:
- -Save Keylog to Text
- -Few visual bugs
- -servers wouldn't reconnect after "hard" disconnects
- -other stuff
Removed:
- -Socket field in connection list (actually, i just changed the width to 0)
Replaced:
- -Kill/Close Process/window Sends ack. instead of refreshing list
- -switched my origional popup notify with a component
- -remote execution (FWB++) instead of dll injection
Added:
- -Customize ActiveX Key
- -Shows ActiveX Key Used in Computer Info
- -Remote Shell is now 9x compatible

stm

This archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.