HGZ 0.1
Released 22 years ago. February 2003
Copyright © MegaSecurity
By HGZ
Informations
| From | China |
| Author | HGZ |
| Family | HGZ |
| Category | Remote Access |
| Version | HGZ 0.1 |
| Released Date | Feb 2003, 22 years ago. |
| Language | Delphi, compressed with ASPack |
Additional Information
Client:
port: 8001, 8002, 8003, 8004, 8005 TCP
Server:
dropped file:
c:\WINNT\system32\HgzServer.exe
size: 356.024 bytes
port: 1506, 52013 TCP
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "huigezi"
data: C:\WINNT\system32\HgzServer.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "run"
data: C:\WINNT\system32\HgzServer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "huigezi"
data: C:\WINNT\system32\HgzServer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "huigezi"
data: C:\WINNT\system32\HgzServer.exe
tested on Windows 2000If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.