Charge (b)
Copyright © MegaSecurity
By ?
Informations
| From | Germany |
| Author | ? |
| Family | Charge |
| Category | Remote Access |
| Version | Charge (b) |
| Language | Visual Basic |
Additional Information
Server:
C:\WINDOWS\charge.exe
C:\WINDOWS\SYSTEM\COMMAND.exe
size: 173387 bytes
port: 37651, 58134, 27373 TCP
startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
c:\windows\system.ini
changes:
C:\AUTOEXEC.BAT
C:\WINDOWS\AUTOEXEC.BAT
new:
C:\WINDOWS\WINSTART.BAT
C:\WINDOWS\Y.BATIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.