PcShare XST

Released 18 years, 7 months ago. May 2006

By shesh

Informations

From	China
Author	shesh
Family	PcShare
Category	Remote Access
Version	PcShare XST
Released Date	May 2006, 18 years, 7 months ago.
Language	Microsoft Visual C++

Additional Information

Server:
dropped files:
c:\WINDOWS\system32\Zrjzmhau.dll    Size: 43,192 bytes 
c:\WINDOWS\system32\Zrjzmhau.ime    Size: 94,208 bytes 

added to registry:
HKEY_USERS\.DEFAULT\Software\Microsoft\Multimedia\DrawDib
HKEY_USERS\S-1-5-18\Software\Microsoft\Multimedia\DrawDib

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SENS\Parameters "ServiceDll"
old data: %SystemRoot%\system32\sens.dll 
new data: %SystemRoot%\System32\Zrjzmhau.dll 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS\Parameters "ServiceDll"
old data: %SystemRoot%\system32\sens.dll 
new data: %SystemRoot%\System32\Zrjzmhau.dll 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sens\Parameters "ServiceDll"
data: %SystemRoot%\System32\Zrjzmhau.dll 



tested on Windows XP
July 11, 2007