PCView 2006

Released 19 years, 1 month ago. December 2005

Copyright © MegaSecurity

By Perl


Informations
From China
Author Perl
Family PCView
Category Remote Access
Version PCView 2006
Released Date Dec 2005, 19 years, 1 month ago.
Language Delphi
Additional Information
dropped files:
%local dir%\inject.exe                             Size: 42,496 bytes 
%local dir%\Protectcs.dll                          Size: 110,592 bytes 
%local dir%\root.exe                               Size: 49,664 bytes 
c:\Program Files\Internet Explorer\hook.dll        Size: 29,696 bytes 
c:\Program Files\Internet Explorer\inject.exe      Size: 42,496 bytes 
c:\Program Files\Internet Explorer\PMIGRATES.DLL   Size: 110,592 bytes 
c:\Program Files\Internet Explorer\root.exe        Size: 49,664 bytes 
c:\Program Files\Internet Explorer\Srvchost.exe    Size: 223,232 bytes 

startup:
HKEY_CLASSES_ROOT\inffile\shell\open\command "(Default)"
old data: %SystemRoot%\System32\NOTEPAD.EXE %1 
new data: C:\progra~1\intern~1\Srvchost.exe 

HKEY_CLASSES_ROOT\inifile\shell\open\command "(Default)"
old data: %SystemRoot%\System32\NOTEPAD.EXE %1 
new data: C:\progra~1\intern~1\Srvchost.exe 

	
tested on Windows XP
December 26, 2005

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.