MoSucker 3.0 (a)
Copyright © MegaSecurity
By Superchachi
Informations
| From | Germany |
| Author | Superchachi |
| Family | MoSucker |
| Category | Remote Access |
| Version | MoSucker 3.0 (a) |
| Language | Visual Basic |
Additional Information
Server:
c:\WINDOWS\winexec32.dli
size: 252.386 bytes
port: 4288 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{MBUBRWF-KRFHC-CPG-QYGW-LRJSCPNSUR} "StubPath"
added:
(files)
c:\WINDOWS\qirqgs.bin
c:\WINDOWS\winstart.bat
(registry)
HKEY_CLASSES_ROOT\.dli\shell\open\commandIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.