NinjaSpy Trojan 2009 Beta
Released 15 years, 9 months ago. December 2008
Copyright © MegaSecurity
By KAJU
Informations
| From | Brazil |
| Author | KAJU |
| Family | NinjaSpy |
| Category | Remote Access |
| Version | NinjaSpy Trojan 2009 Beta |
| Released Date | Dec 2008, 15 years, 9 months ago. |
| Language | Delphi |
Additional Information
Server:
Dropped Files:
c:\WINDOWS\smlogitech.vbs Size: 179 bytes
c:\WINDOWS\inf\services.exe Size: 368,154 bytes
c:\WINDOWS\system\cmd.exe Size: 40,448 bytes
c:\WINDOWS\system32\explorer.dll Size: 368,154 bytes
c:\WINDOWS\system32\ultravnc.ini Size: 683 bytes
c:\WINDOWS\system32\wins.dll Size: 860 bytes
Added to Registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Network Services"
Data: C:\WINDOWS\inf\services.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "NetWork"
Data: C:\WINDOWS\system\cmd.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile "DisableNotifications"
Data: 01, 00, 00, 00
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile "DoNotAllowExceptions"
Data: 00, 00, 00, 00
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile "DisableNotifications"
Data: 01, 00, 00, 00
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile "DoNotAllowExceptions"
Data: 00, 00, 00, 00
Tested on Windows XP
December 23, 2008If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.