GWGhost 2.5 A5 with dropper
Released 22 years, 8 months ago. February 2002
Copyright © MegaSecurity
By Machine_GW
Informations
| From | China |
| Author | Machine_GW |
| Family | GWGhost |
| Category | Information Stealer |
| Version | GWGhost 2.5 A5 with dropper |
| Released Date | Feb 2002, 22 years, 8 months ago. |
Additional Information
SetGhost (239.360 bytes) does drop the followingfiles:
c:\WINDOWS\SYSTEM\Config
c:\WINDOWS\SYSTEM\DXInput.dll
c:\WINDOWS\SYSTEM\gwghost.exe
c:\WINDOWS\SYSTEM\SCANREGW.EXE
c:\WINDOWS\SYSTEM\SetGhost.exe (185.344 bytes)
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "ScanRegistry"
Old data: C:\WINDOWS\scanregw.exe /autorun
New data: C:\WINDOWS\SYSTEM\SCANREGW.EXE /autorun
Server:
c:\WINDOWS\SYSTEM\scanregw.exe
size: 35.584 bytes
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "ScanRegistry"
Old data: C:\WINDOWS\scanregw.exe /autorun
New data: C:\WINDOWS\SYSTEM\SCANREGW.EXE /autorun
added:
c:\WINDOWS\SYSTEM\DXInput.dllIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.