Dewin (k)
Copyright © MegaSecurity
By ?
Informations
| Author | ? |
| Family | Dewin |
| Category | Remote Access |
| Version | Dewin (k) |
Additional Information
dropped file:
c:\WINDOWS\Svchost.exe
size: 48.640 bytes
port: 9100, 23113, 25449 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "SystemReg"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "SystemReg"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SystemReg"
added:
c:\WINDOWS\Asfwin.sysIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.