OICQsearch 1.80
Released 20 years, 9 months ago. February 2004
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | OICQsearch |
| Category | Remote Access |
| Version | OICQsearch 1.80 |
| Released Date | Feb 2004, 20 years, 9 months ago. |
| Language | Delphi |
Additional Information
Server:
dropped files:
c:\WINNT\use32.dat size: 6 bytes
c:\WINNT\system32\fuse.dat size: 60 bytes
c:\WINNT\system32\msacs16.dll size: 16.896 bytes
c:\WINNT\system32\scanregw.exe size: 114.696 bytes
c:\WINNT\system32\drivers\notepad.exe size: 114.696 bytes
port: 3426, 3427, 3428, 3431, 3432, 3433, 3434, 3435, 3436, 3437, 3438, 3439, 3430 TCP
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "scanregw"
data: C:\WINNT\system32\Scanregw.exe
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"
data: C:\WINNT\system32\drivers\notepad.exe %1If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.