Beast 2.01 (a)
Released 21 years, 5 months ago. June 2003
Copyright © MegaSecurity
By Tataye
Informations
From | Rumania |
Author | Tataye |
Family | Beast |
Category | Remote Access |
Version | Beast 2.01 (a) |
Released Date | Jun 2003, 21 years, 5 months ago. |
Language | Delphi |
Additional Information
Client:
registry keys added:
HKEY_CLASSES_ROOT\.bad
HKEY_CLASSES_ROOT\.bst
HKEY_CLASSES_ROOT\BeastFile
HKEY_CLASSES_ROOT\BeastFile\DefaultIcon
HKEY_CLASSES_ROOT\BeastFile\shell
HKEY_CLASSES_ROOT\BeastFile\shell\open
HKEY_CLASSES_ROOT\BeastFile\shell\open\command
HKEY_CLASSES_ROOT\BeastFile1
HKEY_CLASSES_ROOT\BeastFile1\DefaultIcon
HKEY_CLASSES_ROOT\BeastFile1\shell
HKEY_CLASSES_ROOT\BeastFile1\shell\open
HKEY_CLASSES_ROOT\BeastFile1\shell\open\command
Server:
dropped files:
c:\WINDOWS\SVCHOST.EXE
c:\WINDOWS\COMMAND\msocge.com
c:\WINDOWS\SYSTEM\msqmqr.com
size: 52.224 bytes
port: 6666 TCP
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "COM Service"
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{44CC0112-AB51-22EF-BA32-20AA12E6115C} "StubPath"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "COM Service"
added:
c:\WINDOWS\SYSTEM\qmqr.blf
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Control
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.