Asylum 0.1.3 (e)

Copyright © MegaSecurity

By Slim


Information
Author: Slim
Family: Asylum
Category: Remote Access
Version: Asylum 0.1.3 (e)
Language: Delphi

Additional Information
dropped file:
c:\WINDOWS\cfgsys32.exe
size: 7.170 bytes 

port: 20249 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "cfgsys32"
data: C:\WINDOWS\cfgsys32.exe 

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "run"
data: C:\WINDOWS\cfgsys32.exe 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "cfgsys32"
data: C:\WINDOWS\cfgsys32.exe 

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "load"
data: C:\WINDOWS\cfgsys32.exe 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
old data: Explorer.exe 
new data: explorer.exe cfgsys32.exe 


tested on Windows XP
December 18, 2004
