Written in Visual Basic. The author is a hacker called Dave. The infection is performed via the e-mail or File and Print Sharing. This hacker tool was designed to control user’s PC from a distant machine. The functions of this virus offer the intruder the ability to download, delete and upload files, kill running processes, etc. However, the victim has to execute the “server” file himself.
From the publisher:
“D3v3’5 C113n7 / 53rv3r
This is my first major remote administration tool, and I am proud of it! At the moment it has a few bugs and is rather strange.
PORT = 6200 & 6201 – This is the port it works on – You can’t change it!
– At the moment it has no startup thing, so you’ll have to ‘fool’ the person into using the program however, I have startup code, just can’t be asked to put it in.
-I will also put a keylogger in sooner or later
-Other grooved up enhancement will come soon
At the moment D4v3’5 C113n7 / 53rv3r doesn’t have a GUI, it runs on commands
Here they are:
RUN – Runs a program – ‘run c:\windows\notepad.exe’
DEL – Deletes a file – ‘kill c:\windows\file.txt’
MSG – Displays A Message – ‘msg hiya moron im watchin u’
GET – Gets A File – ‘get c:\windows\win.ini’
SUB – Displays a list of sub-directories – ‘sub c:\windows’
DIR – Displays a list of files with a given extension – ‘dir c:\windows bmp’
LST – Lists All Files (May Not Get All) – ‘lst c:\windows’
-HIDDEN – All of these set the file listing properties
IECACHE – Gets The IECache file – ‘iecache’
HISTORY – Gets The IEHistory – ‘history’
TIME – Gets remote time – ‘time’
DATE – Gets remote date – ‘date'”
Deves manual removal: