Brmoda
Released 16 years, 6 months ago. March 2008
Copyright © MegaSecurity
By ?
Informations
| From | The Middle East |
| Author | ? |
| Family | Brmoda |
| Category | Remote Access |
| Version | Brmoda |
| Released Date | Mar 2008, 16 years, 6 months ago. |
Additional Information
Client
Dropped Files:
c:\msnmsgrs.exe Size: 83,131 bytes
c:\WINDOWS\system32\server.exe Size: 35,437 bytes
Added to Registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A9260CCB-B2B6-7B3B-D778-C92DBC5AEE18} "StubPath"
Data: C:\WINDOWS\system32\server.exe
Server
c:\WINDOWS\csrss.exe Size: 352,256 bytes
c:\WINDOWS\winlogs.dll Size: 168 bytes
Added to Registr:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "svhost"
Data: C:\WINDOWS\csrss.exe
Tested on Windows XP
April 14, 2008If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.