Backdoor
Released 19 years, 8 months ago. February 2005
Copyright © MegaSecurity
By Heel
Informations
| From | Russia |
| Author | Heel |
| Family | BackDoor |
| Category | Remote Access |
| Version | Backdoor |
| Released Date | Feb 2005, 19 years, 8 months ago. |
| Language | Delphi, compressed with UPX |
Additional Information
Server:
dropped file:
c:\WINDOWS\svchost.exe
size: 169,472 bytes
port: 1764 TCP
added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools"
data: 01, 00, 00, 00
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"
data: 01, 00, 00, 00
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Svchost"
data: C:\WINDOWS\svchost.exe
tested on Windows XP
April 17, 2006If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.