Strimage.exe: Difference between revisions
Screamer1234 (talk | contribs) No edit summary |
Screamer1234 (talk | contribs) m (Protected "Strimage.exe" ([Edit=Allow only autoconfirmed users] (indefinite) [Move=Allow only autoconfirmed users] (indefinite))) |
(No difference)
|
Revision as of 02:10, 3 October 2020
This screamer/shock site is lost. |
This screamer/shock site is lost. |
Template:Malicious Scripts Strimage.exe is a screamer program written in VB6 which spread across China in around 2005.
It has an icon of the folder in Win9X style, attempts to make the user think it's a normal folder and run it. When executed, it seems that nothing happened. However, the program has already copied itself to several system directories, deleted the original file, and set itself to the default application for opening JPEG files. So each time the user double click on a JPEG file, the program will be called to run., Then, the program will check the date on the local computer. If the date it's not Friday, Saturday or Sunday, the program will terminate itself. Otherwise, the screamer will begin the countdown for a random amount of time between 5 minutes and 15 minutes in the background. After finished counting, the program will show its main payload, which is a ghostly girl and half of her face is a skeleton. The eyeball on the other half can move and a crying sound effect will be played. Click anywhere will exit the screamer.
It can be found in the source code that the project was firstly named StarField and the caption of the screamer window is also the same. There is a Type class in the code-named Star which featured X, Y, Speed, Size and Color. It seems like that the author was initially wanted to write a screensaver or some visual program.
Links
Download
NOTE: The following download link contains a screamer application, as a well-known malicious script that may could potentially harm your computer!
- Main Program: mega.nz/#!ckAn3QRB!FeBfTj5fZz5ADBuprpSpeWp1DqF2zYi5z--F9he4zUQ
- Killer Program (Written by the author in order to remove it): mega.nz/#!EGAhDbRK!Whb4oCftezhguhuiwceBc4mcH004a6LuxL-nH7qA
- Source Code: mega.nz/#!gOpmxaJR!8FYRaJUH3HeMLBnZpyyxv_ZfyVmtCXC0YUpPlSH8-Xg