Beast 1.92 (g) (March 24, 2003)
Copyright © MegaSecurity
By Tataye
Informations
From | Rumania |
Author | Tataye |
Family | Beast |
Category | Remote Access |
Version | Beast 1.92 (g) (March 24, 2003) |
Language | Delphi |
Additional Information
Server:
dropped files:
c:\WINDOWS\svchost.exe Size: 52,736 bytes
c:\WINDOWS\system32\kl.dli Size: 94 bytes
c:\WINDOWS\system32\Com\mscom32.com Size: 52,736 bytes
c:\WINDOWS\system32\wbem\wb.com Size: 52,736 bytes
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{45DD0432-AA51-31EF-EEFA-06AA12E6115C} "StubPath"
data: C:\WINDOWS\System32\wbem\wb.com
port: 666 TCP
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run "COM Service"
data: C:\WINDOWS\System32\COM\mscom32.com
tested on Windows XP
October 01, 2005
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.