Beast 2.01 (e)
Copyright © MegaSecurity
By Tataye
Informations
| From | Rumania |
| Author | Tataye |
| Family | Beast |
| Category | Remote Access |
| Version | Beast 2.01 (e) |
| Language | Delphi |
Additional Information
Server:
dropped files:
c:\WINDOWS\dxdgns.dll size: 127,307 bytes
c:\WINDOWS\msagent\msfjvr.com size: 81,920 bytes
c:\WINDOWS\system32\coty.blf size: 94 bytes
c:\WINDOWS\system32\mscoty size: 3 bytes
c:\WINDOWS\system32\mscoty.com size: 81,920 bytes
port: 80 TCP
added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run "COM Service"
data: C:\WINDOWS\msagent\msfjvr.com
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44CC0112-AB51-22EF-BA32-20AA12E6115C} "StubPath"
data: C:\WINDOWS\System32\mscoty.com
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run "COM Service"
data: C:\WINDOWS\msagent\msfjvr.com
tested on Windows XP
January 23, 2005If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.