Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Master's Paradise


Aliases:


Master's Paradise
Backdoor.Krass , Hacker's Paradise

Malware

W32

Summary

Master's Paradise is not a virus or a trojan. Actually things like NetBus, Back Orifice, Deep Throat, Master's Paradise and Hacker's Paradise are called 'backdoors' or hacker's remote access tools. These tools being purposely or unintentionally installed on any computer provide hidden access to this computer for hackers - i.e. open a 'backdoor' in remote computer system. These tools are quite widespread and used frequently to steal data and delete files on peoples machines.



Disinfection & Removal

Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details

Master's Paradise has client and server parts. The server part has to be installed on remote system to provide access to it. Originally Master's Paradise was spread with the game called 'Pie Bill Gates'. When user runs the game (that was actually a self-extracting archive), the server part of Master's Paradise is installed on his system. Two files are copied to \Windows\ directory: SysEdit.EXE and KeyHook.DLL. Execution of SysEdit.EXE is added to Windows registry to the following key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run


With these settings the server part of Master's Paradise will be launched each time Windows starts and will keep listening to certain TCP/IP ports for commands from client part. The client part allows a hacker to control remote computer system where the server part is installed and activated. The client part has dialog interface which makes it easier to manipulate remote system objects.

Capabilities of Master's Paradise and Hacker's Paradise include:

1. Access to all media available on target computer
 2. Sending, receiving and deleting files
 3. Creating and deleting folders
 4. Sending and receiving keystrokes, blocking keyboard access
 5. Sending messages and receiving answers from user
 6. Controlling any application windows and all their components
 7. Highlithing application windows (yellow flash)
 8. Receiving screendump in multiple resolutions (can be saved to file)
 9. Total or partial control over mouse in Full-Screen Control mode
 10. Controlling server part: enabling, disabling, setting password, info
 11. Restarting computer
 12. Getting RAS information: provider, user name and password
 13. Batch processing for automatic poll data from remote computers
 

Master's Paradise has some addons (depending on its version) - DNS Master, IP Master, Ping Bomber and Port Scanner. German and English interfaces are available.

Master's Paradise was created by Dan Lehmann from Munich Brain House, one of German's hacker groups.

Hacker's Paradise backdoor is a variant of Master's Paradise but it is lacking some bugs and is using different TCP/IP ports.





Technical Details: Alexey Podrezov, F-Secure



Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.