This is a Remote Administration Tool (RAT) that attackers use to control a victim’s machine remotely. What the program is used for depends on the needs of the attacker. The attacker infects the PC via e-mail or File and Print Sharing. A “server” allows him to connect via a “client” on his own machine. It was created by a hacker called phrostic. Several versions (MainLine 1.0 B, MainLine 1.5) appeared from June 2001 to January 2002. The program infects Windows 95/98 operating systems.
From the publisher:
“MainLine 1.0 Beta
Mainline is a remote administration trojan system for Win95/98. This package contains 4 executable files. This is a beta version and will improve.
Getting Started: Just edit the server, send the server to the victim, then when they’re online, run the client and connect and have fun.
Getting Rid: Just delete everything in your MainLine directory? Simple?
The Files: The following files will be installed on your computer:
Mainline.exe – client EXE file (used to control infected victims). This file is packed [not with upx].
server.exe – server EXE file (you send to people you want to infect; this file will not be run when you download the package, and do not run the file on your own machine). This is unpacked. I suggest after you edit the server you make a copy of it and don’t pack it, because after you pack it you cannot edit the packed server.
readme.txt – this file
EditServer.exe – editserver EXE file (used to tamper with the server’s settings.)
Known bugs:
1) ICQ pager notify doesn’t work properly (but am working on it). Bind the server with an undetected pager.
2) When finished uploading, client will give a runtime error, but the file will have been uploaded successfully, and run.”
MainLine manual removal: