Krepper (g)

By ?

Informations

Author	?
Family	Krepper
Category	Remote Access
Version	Krepper (g)

Additional Information

dropped file:
c:\WINDOWS\system32\kernel32.exe
size: 876,544 bytes 

port: 211, 1180 TCP

added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Management\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\C
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Management\Security

tested on Windows XP
January 14, 2006