Combined Forces
Released 19 years ago. November 2005
Copyright © MegaSecurity
By Dark#Basics, Cerberus, Mafia, Nabz
Informations
| Author | Dark#Basics, Cerberus, Mafia, Nabz |
| Family | Combined Forces |
| Category | Remote Access |
| Version | Combined Forces |
| Released Date | Nov 2005, 19 years ago. |
| Language | Visual Basic |
Additional Information
Server:
dropped files:
c:\Program Files\Internet ExplorerIE.ico Size: 9,664 bytes
c:\Program Files\Internet ExplorerMSN.ico Size: 9,664 bytes
c:\Program Files\Internet Explorerwinup.ico Size: 4,288 bytes
c:\Program Files\Internet ExplorerWMP.ico Size: 9,664 bytes
c:\Program Files\Internet Explorer\internetexplorer.exe Size: 94,208 bytes
c:\WINDOWS\system32\Microsoft\sysfils\syslogon\backup002.exe Size: 94,208 bytes
c:\WINDOWS\system32\Microsoft\sysfils\syslogon\Settings.ecu Size: 19 bytes
c:\WINDOWS\system32\sysemboot\IE.ico Size: 9,664 bytes
c:\WINDOWS\system32\sysemboot\WINUP.ico Size: 4,288 bytes
c:\WINDOWS\system32\sysemboot\bootbackup\plugins\guardplug.dll Size: 114,688 bytes
port: 8171 TCP
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "msnmsgr"
data: C:\WINDOWS\system32\winupdate32.exe
tested on Windows XP
November 30, 2005If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.