Allm�chtig
Released 18 years, 10 months ago. December 2005
Copyright © MegaSecurity
By ?
Informations
| Author | ? |
| Family | Allm�chtig |
| Category | Remote Access |
| Version | Allm�chtig |
| Released Date | Dec 2005, 18 years, 10 months ago. |
Additional Information
dropped files:
c:\Documents and Settings\All Users\Documents\bat.bat Size: 408 bytes
c:\Documents and Settings\All Users\Documents\CSRSS.exe Size: 103,936 bytes
c:\Documents and Settings\All Users\Documents\end.bat Size: 274 bytes
c:\Documents and Settings\All Users\Documents\ftp2.bat Size: 1,148 bytes
c:\WINDOWS\Temp\Perflib_Perfdata_28c.dat Size: 16,384 bytes
added to registr:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce "*!system"
data: C:\Docume~1\AllUse~1\Docume~1\CSRSS.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_RDPWD\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDTCP\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPWD\Enum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDTCP\Enum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\,
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RDPWD\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDTCP\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPWD\Enum
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDTCP\Enum
tested on Windows XP
December 29, 2005If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.