Beast 1.7 (1)
Released 21 years, 11 months ago. October 2002
Copyright © MegaSecurity
By Tataye
Informations
| From | Rumania |
| Author | Tataye |
| Family | Beast |
| Category | Remote Access |
| Version | Beast 1.7 (1) |
| Released Date | Oct 2002, 21 years, 11 months ago. |
| Language | Delphi, compressed with ASPack |
Additional Information
dropped files:
c:\WINNT\Help\msserv.chm size: 176.161 bytes (Backdoor.BeastDoor.17)
c:\WINNT\system32\kb.tlg size: 348 bytes
c:\WINNT\system32\mshost.exe size: 176.161 bytes (Backdoor.BeastDoor.17)
c:\WINNT\system32\nipaa.exe size: 167.439 bytes (Backdoor.BeastDoor.17)
port: 666 TCP
added to registry:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_DriveFlags
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_GFA
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_GVI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NIPADAN\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIPAdAn\Enum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIPAdAn\Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NIPADAN\0000\Control
HHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NIPAdAn\Enum
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NIPAdAn\Security
tested on Win2000If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.