ACiD Shivers 5.16
Copyright © MegaSecurity
By Hardkore Virus Labs
Informations
| Author | Hardkore Virus Labs |
| Family | AcidShivers |
| Category | Remote Access |
| Version | ACiD Shivers 5.16 |
| Language | Visual Basic |
Additional Information
Server:
dropped files:
c:\WINDOWS\MSGSVR16.EXE size: 250.880 bytes
c:\WINDOWS\SYSTEM\ .exe size: 250.880 bytes
c:\WINDOWS\SYSTEM\MSGSVR16.EXE size: 250.880 bytes
added to registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Explorer"
data: C:\WINDOWS\MSGSVR16.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce "Explorer"
data: C:\WINDOWS\system\MSGSVR16.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Explorer"
data:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce "Explorer"
data: C:\WINDOWS\MSGSVR16.EXE
tested on Windows 98
January 05, 2005If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.