FTPH2004
Released 20 years, 5 months ago. May 2004
Copyright © MegaSecurity
By Bros Team
Informations
| Author | Bros Team |
| Family | FTPH2004 |
| Category | Remote Access |
| Version | FTPH2004 |
| Released Date | May 2004, 20 years, 5 months ago. |
| Language | Visual Basic |
Additional Information
Server:
port: 7896, 7897 TCP
dropped files:
c:\WindowsDAT.exe size: 307.200 bytes
c:\WINDOWS\WliveUPdate.exe size: 307.200 byte
registry added:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Shell2938"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce "QuickTask"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce "FTH2004"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "MAT"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce "NortonAVProtect"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce "Player00997If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.