Beast 2.01 (a)

Released 21 years, 5 months ago. June 2003

Copyright © MegaSecurity

By Tataye


Informations
From Rumania
Author Tataye
Family Beast
Category Remote Access
Version Beast 2.01 (a)
Released Date Jun 2003, 21 years, 5 months ago.
Language Delphi
Additional Information
Client:
registry keys added:
HKEY_CLASSES_ROOT\.bad 
HKEY_CLASSES_ROOT\.bst 
HKEY_CLASSES_ROOT\BeastFile 
HKEY_CLASSES_ROOT\BeastFile\DefaultIcon 
HKEY_CLASSES_ROOT\BeastFile\shell 
HKEY_CLASSES_ROOT\BeastFile\shell\open 
HKEY_CLASSES_ROOT\BeastFile\shell\open\command 
HKEY_CLASSES_ROOT\BeastFile1 
HKEY_CLASSES_ROOT\BeastFile1\DefaultIcon 
HKEY_CLASSES_ROOT\BeastFile1\shell 
HKEY_CLASSES_ROOT\BeastFile1\shell\open 
HKEY_CLASSES_ROOT\BeastFile1\shell\open\command 



Server:
dropped files:
c:\WINDOWS\SVCHOST.EXE 
c:\WINDOWS\COMMAND\msocge.com 
c:\WINDOWS\SYSTEM\msqmqr.com 

size: 52.224 bytes

port: 6666 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "COM Service" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{44CC0112-AB51-22EF-BA32-20AA12E6115C} "StubPath" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "COM Service" 

added:
c:\WINDOWS\SYSTEM\qmqr.blf 

HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Control

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.