Ontarget 1.1
Released 21 years, 3 months ago. August 2003
Copyright © MegaSecurity
By Ontarget
Informations
| From | Colombia |
| Author | Ontarget |
| Family | Ontarget |
| Category | Remote Access |
| Version | Ontarget 1.1 |
| Released Date | Aug 2003, 21 years, 3 months ago. |
| Language | Visual Basic, based on source of VNC |
Additional Information
Installer "huevocartoon.exe" pops up a cartoon webpage.
Installer "orisinal.exe" looks like a "Orisinal Games Setup"
Server:
dropped files:
c:\WINDOWS\lsass.exe size: 249.856 bytes
c:\WINDOWS\pchealth\pchealth.exe size: 443.392 bytes
c:\Program Files\Huevocartoon\huevocartoon.htm
c:\WINDOWS\ISS.set
c:\WINDOWS\lsass.exe
c:\WINDOWS\MicrosotfDirectx.txt
c:\WINDOWS\Desktop\Huevocartoon.lnk
c:\WINDOWS\pchealth\pchealth.exe
c:\WINDOWS\pchealth\VNCHooks.dll
c:\WINDOWS\Start Menu\Programma's\Huevocartoon\Huevocartoon.lnk
c:\WINDOWS\SYSTEM32\wbem\pluscold.exe
c:\WINDOWS\SYSTEM32\wbem\plushot.exe
c:\WINDOWS\SYSTEM32\wbem\secrcw32.exe
c:\WINDOWS\SYSTEM32\wbem\trnsprov.swf
c:\WINDOWS\SYSTEM32\wbem\tscfgwmi.swf
port: 2000, 5555, 5800, 5900, 9908, 9909 TCP
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.