Devil 6 (c)
Copyright © MegaSecurity
By Sforever
Informations
| From | China |
| Author | Sforever |
| Family | Devil |
| Category | Remote Access |
| Version | Devil 6 (c) |
| Language | Delphi |
Additional Information
Server:
dropped files:
c:\WINDOWS\f.dat Size: 51,733 bytes
c:\WINDOWS\msconfig.exe Size: 214,764 bytes
c:\WINDOWS\SysPr.prx Size: 0 bytes
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Master"
data: C:\WINDOWS\msconfig.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836} "stubpath"
data: C:\WINDOWS\msconfig.exe s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Master"
data: C:\WINDOWS\msconfig.exe
tested on Windows XP
January 22, 2006If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.