LaLa Rat 1.3
Released 16 years, 10 months ago. April 2008
Copyright © MegaSecurity
By La VozR
Informations
| Author | La VozR |
| Family | LaLa Rat |
| Category | Remote Access |
| Version | LaLa Rat 1.3 |
| Released Date | Apr 2008, 16 years, 10 months ago. |
| Language | C++ |
Additional Information
Server
Dropped Files:
c:\WINDOWS\system32\yinhu.bat Size: 47 bytes
c:\WINDOWS\system32\yinhu.dll Size: 61,440 bytes
Added to Registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPRIP\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPRIP\Enum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPRIP\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPRIP\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\HTTP\Parameters\S
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\3
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IPRIP\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPRIP\Enum
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPRIP\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPRIP\Security
Tested on Windows XP
April 22, 2008If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.