MOD
Released 17 years, 10 months ago. November 2006
Copyright © MegaSecurity
By txomin
Informations
| Author | txomin |
| Family | MOD |
| Category | Remote Access |
| Version | MOD |
| Released Date | Nov 2006, 17 years, 10 months ago. |
| Language | Visual Basic, source included |
Additional Information
Server:
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Emule"
data: \emule.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Local SAS"
data: C:\WINDOWS\lsass.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Messenger Service"
data: C:\Program Files\Messengermsmsgs.exe
HKEY_CLASSES_ROOT\batfile\shell\open\command "(Default)"
old data: "%1" %*
new data: KernelVX.com "%1" %*
HKEY_CLASSES_ROOT\cmdfile\shell\open\command "(Default)"
old data: "%1" %*
new data: KernelVX.com "%1" %*
HKEY_CLASSES_ROOT\comfile\shell\open\command "(Default)"
old data: "%1" %*
new data: KernelVX.com "%1" %*
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
old data: "%1" %*
new data: KernelVX.com "%1" %*
HKEY_CLASSES_ROOT\piffile\shell\open\command "(Default)"
old data: "%1" %*
new data: KernelVX.com "%1" %*
HKEY_CLASSES_ROOT\scrfile\shell\open\command "(Default)"
old data: "%1" /S
new data: KernelVX.com "%1" %*
tested on Windows XP
November 04, 2006If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.