| Name: | Cafeini |
| Aliases: | TROJ_CAFEIN, |
| Ports: | 80, 51966 (port can be changed) |
| Files: | Cafeini_polish.zip - 121,628 bytes Cafeini0.8.zip - 250,361 bytes Cafeini0.9.zip - 281,752 bytes Cafein10.zip - 377,898 bytes Cafeini1.1.zip - 395,170 bytes Cafeini.exe - 122,880 bytes Cafeini.exe - 142,848 bytes Cafeclnt.exe - 132,608 bytes Cafeclnt.exe - 143,872 bytes Cafeiniclient.exe - 158,720 bytes Cafeiniclient.exe - 163,840 bytes Cafeiniconfig.exe - 72,192 bytes Cafeiniserver.exe - 153,600 bytes Cafeiniserver.exe - 165,888 bytes Cafe08pl.exe - 123,904 bytes Rundll32.exe - Bygotit.exe - Hemany.exe - Mutihaka.exe - Pazymi.exe - Wilokyl.exe - Scanregw.exe - Vizitac.exe - - 430,080 bytes |
| Created: | Mar 2000 |
| Requires: | |
| Actions: | Anti-protection trojan / Remote Access / Steals passwords / Hacking tool |
| Registers: | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOne\ | |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\ | |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce\ | |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ | |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\ | |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices\ | |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce\ | |
| HKEY_LOCAL_MACHINE\Microsoft\Windows\Current Version\RunScanRegistry | |
| HKEY_LOCAL_MACHINE\Microsoft\WindowsNT\Current Version\RunScanRegistry | |
| Notes: | Works on Windows 95, 98, NT and 2000. Telnet can also be used as client. |
| Country: | written in Poland |
| Program: | Written in Visual C++. |