Dosh (a)
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | Dosh |
| Category | Remote Access |
| Version | Dosh (a) |
| Language | Visual Basic |
Additional Information
dropped file:
C:\WINDOWS\windpd.bqi
size: 522 KB
port: 113, 1026, 1028, 1033, 1035, 1037, 1039, 1041, 1043 TCP
startup:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
keys added:
HKCR\.bqi
HKCR\dpndfile
HKCR\dpndfile\DefaultIcon
HKCR\dpndfile\shell
HKCR\dpndfile\shell\open
HKCR\dpndfile\shell\open\commandIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.