NinjaSpy Poke Server
Released 20 years, 1 month ago. October 2004
Copyright © MegaSecurity
By NinjaSpy
Informations
| From | Brazil |
| Author | NinjaSpy |
| Family | NinjaSpy |
| Category | Remote Access |
| Version | NinjaSpy Poke Server |
| Released Date | Oct 2004, 20 years, 1 month ago. |
| Language | Delphi |
Additional Information
Server:
dropped files:
c:\WINDOWS\cmd.dll Size: 816,128 bytes
c:\WINDOWS\Regedit.ocx Size: 816,128 bytes
c:\WINDOWS\system32\Explorer.dll Size: 816,128 bytes
c:\WINDOWS\system32\Kernel32.ocx Size: 816,128 bytes
port: 2003, 2004 TCP
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
old data: Explorer.exe
new data: explorer.exe C:\WINDOWS\System32\Explorer.dll
HKEY_CLASSES_ROOT\dllfile\shell\open\command "(Default)"
data: %1
HKEY_CLASSES_ROOT\ocxfile\shell\open\command "(Default)"
data: %1
HKEY_CLASSES_ROOT\sysfile\shell\open\command "(Default)"
data: %1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Microsoft Windows"
data: C:\WINDOWS\cmd.dll
tested on Windows XP
February 15, 2005If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.