GedBot v2
Copyright © MegaSecurity
By GEDZAC LABS
Informations
| Author | GEDZAC LABS |
| Family | GedBot |
| Category | Remote Access |
| Version | GedBot v2 |
| Language | Visual Basic, compressed with UPX |
Additional Information
dropped file:
c:\WINDOWS\svshots.exe
size: 16,896 bytes
port: 3667 TCP
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "svshots"
data: C:\WINDOWS\svshots.exe
HKEY_LOCAL_MACHINE\SOFTWARE\GedzacLabs "Title"
data: GedBot by GEDZAC LABS
attempts to connect to an IRC Server
tested on Windows XP
August 19, 2005If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.