Hellojan
Released 16 years, 10 months ago. March 2008
Copyright © MegaSecurity
By hellojand
Informations
| From | Turkey |
| Author | hellojand |
| Family | Hellojan |
| Category | Remote Access |
| Version | Hellojan |
| Released Date | Mar 2008, 16 years, 10 months ago. |
Additional Information
Client
Port: 52365 TCP
Server
Dropped Files:
c:\WINDOWS\system32\win0.exe Size: 322,711 bytes
c:\WINDOWS\system32\win1.exe Size: 322,711 bytes
c:\WINDOWS\system32\win2.exe Size: 322,711 bytes
c:\WINDOWS\system32\win3.exe Size: 322,711 bytes
c:\WINDOWS\system32\win4.exe Size: 322,711 bytes
c:\WINDOWS\system32\win5.exe Size: 322,711 bytes
c:\WINDOWS\system32\wspoolsv32.exe Size: 322,711 bytes
Startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Spoolsv Starter"
Data: c:\windows\system32\wspoolsv32.exe
Server does open 945 ports
Tested on Windows XP
April 08, 2008If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.